Version: 1.1.6

Table of contents

Version 1.11.4

Hotfix release: 04 October 2024

Endpoint Manager Core

Bugfix
  • Updated communication client binaries version for 9.2 and 9.3
Version 1.11.3

Hotfix release: 21 August 2024

Endpoint Manager Core

Bugfix
  • Fixed profile packing while prepare offline installer
Version 1.11.2

Public release: 19 August 2024

Endpoint Manager Core

Bugfix
  • Updated security client version to 13.0
Version 1.11.1

Public release: 19 August 2024

Endpoint Manager Core

Bugfix
  • Updated communication client version to 9.2
Version 1.11

Public release: 22 July 2024

Endpoint Manager Core

New Features
  • Added chat
  • Added alert-management feature
  • Added patch-management feature
Improvements
  • Minor changes
Version 1.10

Public release: 13 May 2020

Endpoint Manager Core

New Features
  • Mark Duplicate Devices by MAC address

    In addition to the device name, you can now use MAC addresses to identify duplicate devices. This improves search accuracy when devices in separate organizations or networks may have the same name.

Bug Fixes
  • Fixed the issue of CCC and CCS Branding settings are not applied.
  • Fixed the issue of Endpoint Manager users being unable to takeover device when 2FA is enabled.
  • Fixed the issue of maintenance windows are not available for procedures scheduling.
  • Fixed the issue of inconsistency between device statuses on Endpoint Manager portal and Remote Control application.
  • Fixed the issue of inability to reset screen passcode on iOS device through portal.

Here is the wiki of this feature.

Security

New Features
  • ‘Added ‘Quarantined Files’ tab to the Mac OS device details. You can get a list of ‘Quarantined files’ from particular device. ’

    Here is the wiki of this feature.

  • We improved file searches in Endpoint Manager’s Valkyrie page by adding Start/end date filters.

Here is the wiki of this feature.

Data Loss Prevention
  • Added the ability to view logs of DLP monitoring rules.
  • Added a ‘Patterns’ column to the discovery logs detail window.
  • You can now delete or quarantine files discovered by a DLP discovery scan.
  • You can now create custom search patterns for DLP scans. Custom patterns can consist of specific keywords, keyword groups and data formats.

Here is the wiki of this feature.

Improvements
  • We started ‘Export to csv’ action in Audit logs (from all pages).

  • 'Threat history' became 'Android threat history'. We continue collection all logs. But right now, all logs from Mac/Win/Linux are not available to view from Threat History page.

Bug Fixes
  • Fixed an issue of "Unable to add network path to Containment virtualization exclusions"

  • Fixed an issue of "FW blocking communication (missing cmdprots.exe in predefined file group)"

Remote Tools

New Features
  • Audit logs now record all command prompt and PowerShell actions.

    Here is the wiki of this feature.

  • Admins can now choose whether to access the remote device as the current user or as a local system user. This choice is available for file explorer, process explorer, service explorer and the command interface.

    Here is the wiki of this feature.

Remote Control

New Features
  • Added ability to pause and resume file transfer.

  • Added ability to suspend and resume file transfer session.

Here is the wiki of this feature.

Bug Fixes
  • Fixed an issue of "Takeover failed to start.Connection data is invalid." while connecting to macOS devices.

Remote Monitoring and Management

New Features
  • Procedures for Mac OS

    You can now create, run and schedule procedures on MacOS devices.

    Here is the wiki of this feature.

  • Set Alias or Friendly Name for Network Devices

    You can now change network device names to memorable/understandable names.

    Here is the wiki of this feature.

Patch Management

New Features
  • Enable / Disable Patch Management from Profiles​

    You can now​ disable all patch management operations in active profiles. Admins can disable all updates/installations via:

    • On-demand patch installations
    • Scheduled patching operations
    • Patch installations via procedures
  • Here is the wiki of this feature.

Bug Fixes
  • Fixed the issue of patches being applied outside maintenance windows.

Comodo Client Security

Windows
Data Loss Prevention
  • New DLP monitoring rule lets you block users from taking screenshots while specific applications are running.​ This is useful for applications which are known to handle sensitive data.
  • Added ability to create custom search patterns for DLP scans. As mentioned in the Endpoint Manager section earlier, custom patterns can consist of specific keywords, keyword groups and data formats.
  • Added search support for more file types ​to discovery rules.

Here is the wiki of this feature.

Bug Fixes
  • Fixed an issue of "Connection to NAS via VPN is not possible via SMB2/SMB3 with CCS installed"
  • Fixed an issue of "Device gets very slow with CCS and Windows classic shell"

Client Versions

  • Windows Communication Client 6.35.37275.20040
  • Windows Client – Security 12.2.0.8121
  • Windows Remote Control 6.35.37363.20040
  • MacOS Communication Client 6.35.37320.20040
  • MacOS Client – Security 2.4.4.851
  • MacOS Remote Control 6.35.37358.20040
  • Linux Communication Client 6.28.26228.19060 (previous)
  • Linux Client – Security 2.2.1.501
  • Android Mobile Device Management Client 6.15.0.12
  • iOS Mobile Device Management Client 1.3.0 (previous)
Version 1.9

Public release: 27 March 2020

Endpoint Manager Core

New Features
  • Local distribution of CCC and CCS agents (Torrent)

  • More Granular RBAC for devices, device groups, and remote control

    We improved role based access control (RBAC) for device operations, and to differentiate device operations with remote control permissions:

    • Updated the description of the "users.allow-portal-login" permission.
    • Device group permissions now have a more granular structure:
      • Create
      • Rename
      • Delete
      • Assign
    • Remote control permissions now have a separate structure with the following permissions:
      • Takeover
      • File-Transfer
      • File-Transfer(Upload)
      • File-Transfer(Download)
    • We separated alerts and procedure management controls. Procedures now have the following sub-permissions:
      • Create Procedure
      • Edit Procedure
      • Delete Procedure
      • Approve Procedure
      • Execute Procedure
      • Export Procedure List
    • Alerts now have the following, separate, permissions:
      • Read only > configuration.alerts
      • Full Control > configuration.alerts, manage
  • Results per Page Option for Device Tree

    You can now view device tree with additional pagination options, as you can already in the regular device list. Users can now limit the device tree results with the following number of item options:

    • 20
    • 50
    • 100
    • 200
  • Added support for Ubuntu 19.0

    Endpoint Manager clients now support devices using Ubuntu 19.04.

  • Dark Mode for Android MDM Client

    Devices on Android 10+ can now switch to the MDM client to dark mode.

Improvements
  • CCS - End of Support for Windows 7

    • In line with Microsoft policy and security best practices, we are ending official support for CCS on Windows 7 devices. We encourage all customers to upgrade their Windows based systems to Windows 8 /8.1/ 10.
    • CCS on Windows 7 will continue to work up-to previous version. New versions of CCS will not be supported.
    • The following operating systems are affected:
      • Windows 7
      • Windows Server 2008 R2
Bug Fixes
  • Fixed the issue of Windows Communication Client breaking during upgrade.
  • Fixed the issue of "Installed Apps" tab not opening for macOS devices on portal.
  • Fixed the issue of RMMService.exe using too many UDP ports on Windows Server 2012 R2.
  • Fixed the issue of ITSMService.exe not present after deploying the latest version of Windows Communication Client.
  • Fixed the issue of widget statistics numbers don't matching up.
  • Fixed the issue of ITSMService.exe initiating random restart of endpoint.
  • Fixed the issue of resetting screen passcode on iOS device through portal doesn't work.
  • Fixed the issue of iOS enrollment email not properly displayed on Safari 601.1 (iOS9.3.5)
  • Fixed the issue of entered user credentials disappearing from DEP profile Setting after navigating across DEP profile tabs.

Here is the wiki of this feature.

Security

New Features
  • Profile Section Addition with Default Settings - Windows profile (HIPS/Antivirus/Containment sections): Import profile settings while adding new section

  • You can now schedule virus scans on specific days of the week in a Windows profile.

  • AV usability improvements, Windows: On demand items request operation from portal: Quarantined items

  • Data Loss Prevention:

    • You can now populate keyword groups by importing keywords from a file. This, for example, allows customers to populate the ‘Names’ group with a list of client users or employees.

    • New DLP monitoring rules let you block users from copying or moving files to USB devices.

    • Added ‘Quarantine’ action to DLP discovery rules. This lets admins isolate files containing sensitive information to prevent their exfiltration while a review of the files is in progress.

Here is the wiki of this feature.

Remote Control

New Features
  • Added ability to use the command prompt and PowerShell to manage remote devices:

    • You can connect to the commands interface of the remote device
    • You can run commands in the remote device’s command prompt
    • You can run commands on the remote device’s PowerShell
  • Added file versioning to file transfer operations. Endpoint Manager can now rename files that have the same name as a file on the remote machine, adding a version number to the name of the new file. This allows admins to retain both versions of the file on the destination.

Remote Monitoring and Management

New Features
  • Clone Monitors

    Users can now clone generic and network monitors

    Here is the wiki of this feature.

  • SNMP Monitoring: Performance and Disk Monitor

    • Admins can now retrieve the following device information over SNMP:

      • Performance

        CPU Usage

        RAM Usage

        Disk

        • Free space left on the system drive

          Free space left on all drives

          Free space change on the system drive

    Here is the wiki of this feature.

  • Run Procedures on device groups and customer

    • Admins can now run procedures on all devices belonging to a customer or to a group. You can run procedures on:

      • Device groups

        User groups

        Customers

    Here is the wiki of this feature.

Bug Fixes
  • Fixed the issue of scheduled procedures being executed outside of the maintenance window.

Patch Management

New Features
  • Security Vulnerability Notifications

    Added recipient logic for 'Security Vulnerability' notifications

  • Improved patch information

    Patch Management interface now shows the most recent successful and failed patch scans dates for OS and 3rd party patches.

Comodo Client Security

Windows
New Features
  • Maintenance mode for Windows 7

  • Comodo Client Security Mac – Added support for macOS Catalina

Data Loss Prevention
  • Delete and quarantine actions added to DLP discovery rules
  • New DLP monitoring section lets admins block files from being copied to USB devices
Bug Fixes
  • Fixed an issue with antivirus database updates run from the device itself
  • Fixed an issue with diagnostic utility reports
  • CCS 11.6.1.7849 high CPU usage on Windows Server 2019
  • Diagnostic utility reports errors and can not fix them for CCSM 2.4.4.844

Client Versions

  • Windows Communication Client 6.34.35949.20030
  • Windows Client – Security 12.1.0.8041
  • Windows Remote Control 6.34.35961.20030
  • MacOS Communication Client 6.34.35930.20030
  • MacOS Client – Security 2.4.4.848
  • MacOS Remote Control 6.34.35960.20030
  • Linux Communication Client 6.28.26228.19060 (prod version) - release of new version is not planned
  • Linux Client – Security 2.2.1.495 (prod version) - release of new version is not planned
  • Android Mobile Device Management Client 6.15.0.12
  • iOS Mobile Device Management Client 1.3.0 (prod version) - release of new version is not planned
Version 1.8

Public release: 21 February 2020

Endpoint Manager Core

New Features
  • Mac OSX Catalina Support

    Endpoint Manager agent now supports Mac OSX 10.15 Catalina

  • Improved processes for old and duplicate devices

    Changes made to the device list to help admins identify and deal with old/duplicate devices.

    • Exclamation mark added to old/duplicate devices in the device list
    • Audit logs created when an old/duplicate device is removed​
    • New filter added to the device list for old/duplicate devices​
    • Customize the length of time that must pass before a device is flagged as ‘old’
    • Customize the length of time that must pass before Endpoint Manager removes old devices
    • New removal options for duplicate devices
  • Forward CCC logs to SIEM tool

    You can now forward CCC logs to a SIEM server, emulating the feature already available for CCS.

    • Choose which CCC logs are stored locally.​
    • New options add to ‘Profiles’ > ‘Logging Settings’ > ‘Communication Client’ tab which let you​ forward logs to your desired servers.
  • Dark Mode for iOS MDM Client iOS clients on devices

    with iOS 13+ can now switch to Dark Mode

Bug Fixes
  • Fixed the issue of showing “Daily” as value for schedule column where procedure is not scheduled.

Security

New Features
  • Data Loss Prevention:

    New discovery scans allow you to audit and control sensitive data on a network. Discovery rules let you scan for specific document types and patterns, and to create scan exclusions. We also added discovery scan logs.

Improvements
  • Split the 'Unrecognized and Quarantined files' scan into 2 separate scans. This allows admins to run highly targeted scans which are relevant to their needs.

Bug Fixes
  • Fixed the issue of “Quarantined Files Scanning” being absent on Antivirus -> Scans section in old custom profiles.

Remote Control

New Features
  • Added ability to cancel ‘in-progress’ uploads or downloads in the file transfer feature

  • Added ability to drag and drop files between local and remote machines​

  • Added ability to select and delete multiple files​

  • Added ability to search and sort files and folders

  • File transfer dialog now closes automatically once the transfer is complete

  • Added Mac OSX Catalina support

Remote Monitoring and Management

Bug Fixes
  • Fixed the issue of a monitor still being triggered after it is removed.

  • Fixed the issue of RMMService using x86 architecture download link for x64 applications while performing software upgrade operation

  • Fixed the issue of RMMService running at 25% CPU constantly.

  • Fixed the issue of monitoring tickets not being closed automatically when metrics goes down below threshold.

Patch Management

Improvements
  • Added ‘Reboot Pending’ status to patch manager

    New ‘Reboot Pending’ status informs you that a device needs to be restarted for the patch to become effective

Bug Fixes
  • Fixed the issue of incomplete logs for third party application installations.

  • Fixed the issue of third party patch procedure failing on Microsoft OneDrive.

Comodo Client Security

Windows
New Features
  • Split ‘Unrecognized and quarantined files’ scan into two separate scans

  • Schedule antivirus scans on specific days of the week.

Data Loss Prevention
  • New discovery scans allow you to audit and control sensitive data on a network. Discovery rules let you scan for specific document types and patterns, and to create scan exclusions. We also added discovery scan logs.
Vulnerability & exploit fixes
  • Identify the digital signature level of a newly created system process
  • Identify the parent process of any new system process
Bug Fixes
  • CCS no longer causes system restore operations to get stuck at 'System restore is restoring the​ registry'
  • Fixed bug that prevented users from saving Excel docs to a network folder when CCS 11.5 is​ running
  • Fixed bug that caused device control to function incorrectly when scan removable media is​ enabled
  • Fixed issue that caused application delays and errors when containment is enabled
  • Fixed issue that caused some devices to freeze if CCS 11.6.1.7849 is installed
  • Fixed bug which caused CCS to report all files scanned by CCE as ‘Unrecognized’, instead of​ their true trust rating
  • Fixed incorrect timestamps after running a Comodo reputation DB update
  • Fixed issues that caused high CPU and RAM usage by cmdagent 11.7.0.7899
  • Fixed bug that prevented CCS updates via Squid if authentication was enabled
  • Fixed bug that caused CCS antivirus and firewall to remain in the WMI Security Center​ namespace after uninstalling CCS on Windows 10

Client Versions

  • Windows Communication Client 6.33.34325.20010
  • Windows Client – Security 12.0.0.7959
  • Windows Remote Control 6.33.34187.20010
  • MacOS Communication Client 6.33.34270.20010
  • MacOS Client – Security 2.4.4.844 (previous)
  • MacOS Remote Control 6.33.34199.20010
  • Linux Communication Client 6.28.26228.19060 (previous)
  • Linux Client – Security 2.2.1.495 (previous)
  • Android Mobile Device Management Client 6.14.0.13
  • iOS Mobile Device Management Client 1.3.0
Version 1.7

Public release: 18 December 2019

Endpoint Manager Core

New Features
  • More Granular Role Management

    Updates to the role management interface include:

    • Permissions page is now more clearly organized
    • New ‘Read Only’ permission
    • Overall improvements to roles UI
  • ‘Read Only’ mode added to roles

    Added as a master-switch on the permissions screen, ‘read only mode’ allows users to view pages in Endpoint Manager, but not makes changes nor download reports.

  • Separate Proxy Settings for CCC & CCS

    You can now configure separate proxy settings for the communication client and the security client. Previously, both clients had to use the same settings.

  • Support for Android 10

    Endpoint Manager now supports mobile devices which use Android 10 OS (KNOX is excluded)

  • Export License Details

    Can now export license data from the following pages:

    • License Management’ > ‘Licenses’ tab – export details about all licenses on the account
    • ‘License Management’ > ‘Licenses’ tab > ‘Details’ > ‘Customers’ – export details of how seats on a single license are distributed among various customers
  • New restriction added to iOS profiles

    Added ability to disable personal hotspots on iOS devices.

Improvements
  • XMPP server replacement
Bug Fixes
  • Fixed the issue of showing wrong Maintenance Window in procedure scheduler settings
  • Fixed the issue of inability to deploy msi package throug “Install Custom MSI/Packages”
  • Fixed the issue of ITSMService forcing reboot with 300 seconds delay for patch procedure with “Warn about the reboot and let users postpone it” option if user is not logged in.
  • Fixed the issue of ITSMService 6.30 crashing rarely.
  • Fixed the issue of multiple Comodo Client - Security update command from portal and scheduled rule.

Security

New Features
  • Scan DLLs loaded by processes

    Added new option, 'Monitor DLL files loaded by running processes', to ‘Advanced Protection’ > ‘Miscellaneous’

  • Improved Windows Boot Protection

    Comodo Client Security (CCS) now monitors untrusted DLLs & autoruns before the CCS service launches. This includes untrusted apps and unknown PE files which attempt to load via system vulnerabilities.

  • Add virtual desktop support for the 'Windows Fax and Scan' application

    Windows fax and scan can now access COM/DCOM interfaces direct from the virtual desktop.

  • Additional Valkyrie options

    Added ability to submit files for ‘Automated and human-expert analysis’. This option is available if you have a premium Valkyrie license.

  • Removal Tool

    New tool allows you to quickly uninstall Comodo Client Security.

  • Protected Objects in Containment Section

    Ability to add protected data and registry keys in the containment section

Bug Fixes
  • Fixed the issue of inability to add Protected Registry Keys in HIPS rules

Remote Control

New Features
  • You can now tell the remote control tool to revert to a direct internet connection if your proxy server fails

  • Added 2 Factor Authentication for Endpoint Manager logins on Remote Control application.

  • You can now create favorite folders and view recent directories in the file transfer window.

  • Improved logs for the remote tool application.

Bug Fixes
  • Below issues have been fixed on the Audit Log section;
  • Incorrect “End/Duration” Session value
  • Incorrect “Type” and “Status” value
  • Name of deleted files was absent in old value for Remote tools delete event
  • Incorrect “Session Start/End/Duration” value
  • Old Value column in “Session connection type” has “None” Status

Remote Monitoring and Management

New Features
  • MacOS Monitoring

    You can now monitor the following items on Mac OS devices:

    • Online/offline status
    • Performance
      • CPU
      • RAM
      • Disk usage
      • Network (TCP)
    • Process
    • Ping
  • Active Directory Discovery

    New discovery feature locates any unenrolled devices in your Active Directory (AD) network. You can run AD discovery scans with or without a probe device.

Bug Fixes
  • Fixed the issue of a monitor still being triggered after it is removed.

Patch Management

Improvements
  • Expanded the database of CVEs in the vulnerability management tab (‘Applications’ > ‘Vulnerability Management’)

Comodo Client Security

Windows
New Features
  • Added ability to start scans from a scan profile

  • Changes to client security UI

    • Removed ‘Open Logs’ task (red square)
    • Removed ‘Open Advanced Settings’ task (red square)
    • Added ‘Logs’ button (green square)
    • Changes to the ‘Home’ and ‘Tasks’ screens.
Vulnerability Fixes
  • Option to prohibit shared resources for contained applications
  • Check full path of a newly created SYSTEM process
Bug Fixes
  • Unable to print from IE 11 from VDT

Portal

New Features
  • You can now resend staff activation emails from ‘Management’ > ‘Staff’ ● CCS removal tool added to the ITarian ‘Tools’ page.

  • You can now remove or hide purchased modules from the store interface.

  • You can now use any valid character in your ITarian sub-domain.

  • Added support for the following languages:

    • Dutch
    • Spanish
    • Japanese
    • Italian

Client Versions

  • Windows Communication Client 6.32.33138.19120
  • Windows Client – Security 11.7.0.7899
  • Windows Remote Control 6.32.32996.19120
  • MacOS Communication Client 6.32.33131.19120
  • MacOS Client – Security 2.4.4.844
  • MacOS Remote Control 6.32.32995.19120
  • Linux Communication Client 6.28.26228.19060
  • Linux Client – Security 2.2.1.495
  • Android Mobile Device Management Client 6.14.0.13
  • iOS Mobile Device Management Client 1.2.27
Version 1.6

Public release: 12 October 2019

Endpoint Manager Core

New Features
  • Fallback connections for proxy servers

    You can now tell CCC and CCS to use a direct internet connection if your proxy server is not reachable for any reason.

  • Two-factor authentication on standalone Endpoint Manager

    Two-factor authentication has been an option on Comodo One and ITarian portals for some years now. With this release, we extend the feature to the standalone version of Endpoint Manager.

    Endpoint Manager admins can now:

    • Force two-factor authentication for all Endpoint Manager users
    • Enable two-factor for themselves
    • View the status of two-factor authentication on all user accounts
    • Reset two-factor authentication if there are issues
  • Flag and remove options for old and duplicate devices

    New device management options allow admins to:

    • Filter duplicate devices
    • Define a time period after which inactive and duplicate devices will be removed from Endpoint Manager
  • Support for iOS 13

    Endpoint Manager now supports mobile devices running on iOS 13.

  • Change Passwords Manually

    You can now manually reset an Endpoint Manager user account password. Admins can now specify, or auto-generate, a new password on behalf of users.

Security

New Features
  • Shellcode injection moved to Miscellaneous tab

    The shellcode injection option has been moved from the HIPS section of a Windows profile, to the ‘Miscellaneous Settings’ section. This was done for consistency with the Windows security client (CCS)

  • ‘Skipped’ status added to antivirus logs

    Antivirus logs in the security dashboard now state ‘Skipped’ if a file was not scanned. The new description is more useful for troubleshooting purposes than the previous description of ‘Unknown’.

  • Ability to restore disabled services, autoruns and scheduled tasks

    You can now view all disabled services, autoruns and scheduled tasks in the ‘Antivirus’ area of Endpoint Manager. Admins can re-enable these items on selected devices, or all devices.

Remote Control

New Features
  • Proxy Configuration Fallback

    Admins can now have the Remote Control tool revert to a direct connection if their proxy is unavailable.

  • File Transfer Improvements

    The latest release sees the following incremental improvements to remote file transfers:

    • Select and transfer multiple items.
    • Single-click remote files/folders to rename them
    • 'Transfer Logs' have been added to the ‘Audit Logs’ section.
Bug Fixes
  • Fixed occasional connection errors when using remote tools in the Endpoint Manager portal.
  • Fixed issue that prevented Comodo Remote Control sessions when a maintenance window was active on target devices.

Remote Monitoring and Management

New Features
  • Procedure workflows:

    You can now receive reports after a procedure is successful on targeted devices.

    More details about a failed procedure have been added to auto-generated Service Desk tickets.

Improvements
  • Hidden procedure execute for support admin account.
  • Redesigned storage structure.
  • Improve logging mechanism for network discovery.
Bug Fixes
  • Fixed bug which caused the RMM service to crash (specifically RMMService 6.30.29303.19090)

Patch Management

New Features
  • OS patching on vulnerable devices

    Admins can now install operating system patches on at-risk/vulnerable devices.

Improvements
  • Improvements to the patch manager log collector

Bug Fixes
  • Fixed a procedure execution issue related to logged in users
  • Fixed bug that caused Endpoint manager to mistakenly show supported software as unsupported
  • Fixed issue related to Microsoft Teams collaboration software

Comodo Client Security

Windows
New Features
  • Scan DLLs loaded by processes

    Added new option, 'Monitor DLL files loaded by running processes', to ‘Advanced Protection’ > ‘Miscellaneous’

  • Improved Windows Boot Protection

    Comodo Client Security (CCS) now monitor untrusted DLLs & autoruns before the CCS service launches. This includes untrusted apps and unknown PE files which attempt to load via system vulnerabilities.

  • Scan from VDT session or via 'Windows Fax and Scan' application

    Added list for application which allowed to access COM/DCOM unrestricted from containment and be a part of configuration.

  • Monitor Un-trusted DLLs & autoruns before CCS service launches

    Added new option "Use direct connection if proxy is unreachable" the Proxy and Host settings.

  • Two-factor authentication added to Unknown File hunter (UFH)

    After setting up 2FA in the portal, users will also be able login to UFH with the same system of Google Authenticator codes.

Vulnerability Fixes
  • Refactoring to resolve CVE-2019-14694
  • Contained applications are now prohibited from accessing power options
  • Unsigned DLLs can no longer load into Comodo Client Security processes. Supported on Windows 8+
  • Added ability to prevent contained processes reading the memory of other processes.
Bug Fixes
  • Full scan aborted - cavwp.exe crashes on Windows 10x64
  • Application crashes when it is started in Containment via right click
  • Virtual desktop prompt is split when 2 screens are connected
  • Unable to start browsers in containment
  • CCS does not start "Antivirus Update" operation by "COMODO Signature Update" scheduled task
  • AV scan doesn't log embedded code detected in autorun items correctly

Client Versions

  • Windows Communication Client 6.31.30434.19100
  • Windows Client – Security 11.6.0.7829
  • Windows Remote Control 6.31.30444.19100
  • MacOS Communication Client 6.31.30316.19100
  • MacOS Client – Security 2.4.4.844
  • MacOS Remote Control 6.31.30425.19100
  • Linux Communication Client 6.28.26228.19060
  • Linux Client – Security 2.2.1.495
  • Android Mobile Device Management Client 6.13.8.2
  • iOS Mobile Device Management Client 1.2.27
Version 1.5

Public release: 07 September 2019

Endpoint Manager Core

New Features
  • Onboarding Wizard for Enrollment

    Device enrollment process is redesigned and made much more easier. Now you will be able to enroll and protect your device in a single wizard, with a couple of clicks.

    With this feature, administrators will be able to:

    • Have enroll and/or protect options to the current device or any other device.
    • Have enroll and/or protect options for the devices which have different type of operating systems.
  • Apple DEP Integration

    iOS devices which are added to DEP can now be enrolled automatically with Apple DEP integration. All iOS devices that are managed over DEP will be synced automatically into Endpoint Manager.

    With this feature, admin will be able to:

    • Sync and manage iOS devices from Apple DEP
    • Manage enrollment settings and notification settings of Apple DEP
    • Add, remove or renew Apple DEP token on Endpoint Manager.

    For more information about Apple DEP, please visit DEP Guide

Security

New Features
  • Device Tree in Security dashboard pages

  • Displaying VD Logs on Security Subsystems

    Now, you will be able to track Virtual Desktop logs inside Event View tab on Security Dashboards.

  • Virtual Desktop status in Device list

    There will be a new column as "Virtual Desktop" in device list, which indicates whether virtual desktop session is initiated or not. There will be 3 different icons:

    • Virtual Desktop is running
    • Virtual Desktop is not running
    • Virtual Desktop is not supported
  • Ability to disable network ccsm realtime antivirus scans from MacOS Profiles

    Now, you will be able to enable/disable realtime antivirus scans directly from Endpoint Manager Portal MacOS Profiles

  • Device Tree in Security dashboard pages

    Similar to Device List section, device tree is added in Security Dashboards so that you can view and take action for specific device groups.

Remote Monitoring and Management

New Features
  • SNMP Monitoring

    With this feature, you will be able to use SNMP monitoring to monitor network devices as well. Also it is possible to:

    • Manage devices which are founded from the network
    • Create profiles for network devices
    • Create monitors for network devices.
  • Auto Enrollment for Network Devices

    Now, it is possible to define auto enrollment preferences for network discoveries.

  • Clearer, Filterable, Exportable Procedure Logs

    With this feature, exporting data, procedure log and status appearance and procedure details are improved.

  • Showing Results

    With this feature, now it is possible to email scheduled procedure logs and procedure details and logs are improved.

Improvements
  • SPM configuration package list optimization: diff and versions
  • Alert microservice
  • Refactor model: add functionality of empty value replacing
  • Refactoring and aligning SNMP Library
  • Improve OUI Lookup mechanism
  • Hidden procedure execute for support admin account
Bug Fixes
  • Fixed bug that caused disk space monitors to produce a false positive.
  • Fixed the issue of preventing monitoring the 'Event ID' if 'Event ID' + 'Source' are monitored.
  • Fixed the issue of RMMService hangs performing Software inventory scan.
  • Fixed the issue of procedure execution fail.

Patch Management

New Features
  • CVE Visibility - Vulnerability Management

    Now, you will be able to detect vulnerable devices among the enrolled devices and see CVE details.

Bug Fixes
  • Fixed an issue where MSI errors during a 3rd party patch operation were not getting reported in the Endpoint Manager UI.
  • Fixed an issue that caused Endpoint Manager to show the wrong number of installed/uninstalled patches.
  • Fixed issue that prevented patching from working properly in some cases.
  • Fixed bug that caused software inventory scans to take an abnormally long time.
  • Fixed the issue of RMMService unable to start.
  • Fixed the issue of preventing installing 3rd party apps if client proxy settings are set.

Remote Control

New Features
  • ITSM Service Inventory

    Now, you will be able to Remote Connect to the endpoint silently (without disturbing the user) and manage the services inventory.

  • Multi-language support on Remote Control app for Mac OS devices

    You can use Remote Control app for Mac OS devices in German, French, Portuguese and Chinese.

  • Multi-language support on Remote Control app for Windows devices

    You can use Remote Control app for Windows devices in German, French, Portuguese and Chinese.

Bug Fixes
  • Fixed the issue of device takeover error message.
  • Fixed the issue of wrong name displaying during remote session.

Comodo Client Security

Windows
New Feature
  • With this feature, users can safely browse through web with the phishing and malicious domain protection provided by web filterin option.
  • Detailed parent process logging. Now, parent process of applications that are blocked by containment will be also recorded in CCS logs.
  • Now, Macro script executions will be monitored by new Antivirus improvement for malicious behaviours.
Improvements
  • User approval on leaving Virtual Desktop session. Now users will be displayed an approval pop up to make sure they do not leave the virtual desktop session accidently.
  • User experience: PIN popup shown upon Virtual Desktop session start will have an OK button for the user to close
  • Now, the enduser needs to scroll down all the content of Virtual Desktop Disclaimer if it is configured by the admin.
  • Now, Virtual Desktop time expiration setting is limited by 24 hours.
  • The directory of %USERPROFILE%\Downloads\* is removed from Shared Spaces file group as this is a location with potentially valuable user information.

New Client Versions:

  • Windows Communication Client 6.30.29304.19090
  • Windows Client - Security 11.5.0.7759
  • Windows Remote Control 6.29.27308.19070
  • macOS Communication Client 6.30.28366.19090
  • macOS Client - Security 2.4.4.844
  • macOS Remote Control 6.29.27307.19070
  • Android Mobile Device Management Client 6.13.8.2
Version 1.4

Public release: 13 July 2019

Endpoint Manager Core

New Features
  • Proxy Mechanism for Clients

    You can now specify local endpoints as proxies from which other endpoints can collect installation packages and database updates. This helps save network traffic and accelerates package deployment when a large number of endpoints are involved.

    You distribute the following packages with this feature:

    • Comodo Communication Client
    • Comodo Client Security
    • Virus database updates
    • You can define the maximum amount of traffic to be used for package distribution, and the maximum number of proxy endpoints.
Bug Fixes
  • Fixed the issue of auto-remediation procedure triggers despite it is disabled in monitor settings on portal.
  • Fixed the issue of MacOS Communication Client connection failure.
  • Fixed the issue of maintenance window being shown as "OFF" while it is actually in the preset interval.
  • Fixed the issue of location tracking for mobile devices.
  • Fixed the issue of download servers from security profile not being applied to client immediately.
  • Fixed the issue of translation inconsistencies for Remote Control and Remote Tool settings in profiles.
  • Supported Device Platforms page is updated in order not to cause disinformation.

Security

New Features
  • Virtualization Exclusions for Removable Media

    You can now exclude removable media such as USB sticks and external drives from virtualization. Doing so allows apps in the Virtual Desktop to write and make changes to specific media attached to the endpoint. This provides another way to export data from the Virtual Desktop in addition to Shared Space.

    You can configure these exceptions in the ‘Containment’ section of an Endpoint Manager profile.

  • Set Custom Disclaimer for Virtual Desktop

    Expanding our white-label options, you can now configure a custom disclaimer message for the Virtual Desktop. Users must accept the disclaimer before starting the virtual session.

    You can configure the disclaimer in the ‘Containment’ section of an Endpoint Manager profile.

  • Allow User to Override Virtual Desktop settings

    When enabled, Endpoint Manager will not reverse local Virtual Desktop settings that are different to those in the endpoint's profile. Ordinarily, Endpoint Manager checks devices to see if the local settings match those in the device profile. It will re-implement the profile settings if it detects any deviation.

    The new setting gives admins greater flexibility and control over individual endpoints. For example, you can now disable the exit password on a specific endpoint, avoiding the need to create a whole new profile just to accomplish this one task.

    This addition complements the existing override option in the ‘Client Access Control’ section of a profile, which allows local changes to *every* CCS setting. Admins can now allow local override of just the virtual desktop settings, while preventing changes to other CCS settings.

    You can configure the override setting in the ‘Containment’ section of an Endpoint Manager profile.

  • Show only Virtual Desktop settings on endpoint

    New option to only show virtual desktop options when users click the CCS tray icon on an endpoint. End-users can then access and launch the virtual desktop, but cannot change other CCS settings.

    This feature is useful when used with the override option described above.

    You can configure this setting in the ‘UI Settings’ section of an Endpoint Manager profile.

Improvements
  • Auto-updates disabled by default in CCS

    Automatic updates to the CCS client are now disabled by default in predefined profiles. This change was made after valued feedback from our customers who manage complex, sometimes delicately balanced networks. To avoid potential disruptions, customers prefer to be notified when updates are available so they can review them before installation.

  • New default actions for unknown autorun entries

    This setting determines what CCS should do if an application tries to create/modifiy a service, auto-start entry, or scheduled task. You can find it at ‘Configuration Templates’ > ‘Profiles’ > open a level 2 or 3 profile > Click the ‘Miscellaneous’ tab.

    The previous default was ‘Ignore’. The new defaults are:

    • Security Level 2 profiles - ‘Terminate and Disable’
    • Security Level 3 profiles - ‘Quarantine and Disable’

    You can find background information on this setting at Help Center

Remote Control

New Features
  • File Transfer: Folder Transfers

    You can now send/receive folders via file transfer in the Remote Control application.

    You can track folder transfer status in the file transfer queue pane.

  • Role-based access control for Remote Control file transfer

    You can now limit file transfer capabilities for specific devices and/or device groups.

    Similarly, you can now limit file transfer capabilities by role.

Bug Fixes
  • Fixed the issue of connecting to MacOS with Remote Control.

Comodo Client Security

Windows
New Features
  • ‘Virtual Desktop only’ mode

    As mentioned in the Endpoint Manager section earlier, we have added the ability to show only virtual desktop options when users click the CCS tray icon on an endpoint.

    When enabled in a profile, CCS will only show these two items when you click the tray icon:

    • Run Virtual Desktop - Opens the Virtual Desktop
    • Open Virtual Desktop Settings – Opens the Virtual Desktop settings area in CCS

    End-users cannot access any other area of CCS.

  • Improved password policy for the Virtual Desktop

    Admins can prevent end-users from accessing the local computer by setting an ‘exit’ password on the Virtual Desktop. Once set, users will need to enter the password if they want to switch from the virtual environment to the local environment. We added the following settings to improve the security of this password:

    • 90-day validity period. The exit password will expire, and must be changed, after 90 days.
    • Password complexity requirements. Passwords must now be 8-16 characters and contain a mix of upper case letters, lower case letters, numbers, and special characters.
  • Detection of msi installation through URL

    Added a default containment rule that prevents the installation of msi packages via a URL in a command line. This feature is tightly coupled with Script Analysis as it will be detected in the list of enabled interpreters.

  • Virtualization exclusions for removable media.

    Under default conditions, apps in the virtual desktop write to a virtual file system, and cannot save changes to the host or any peripherals. As covered earlier, you can now create exceptions to this rule for specific removable media. Creating such an exception allows users to more easily export data from the virtual desktop to USB sticks, external storage drives, or CD/DVD.

  • Extended Virtual Desktop Logs

    Virtual desktop logs have been moved out of the ‘Containment Logs’ section and now have their own section. This improves log visibility and makes it easier to conduct investigations, analysis and forensics.

Bug Fixes
  • Fixed the issue of aborted AV Full Scans
  • Fixed the issue of adding timeout value in the duration of Virtual Desktop session
  • Fixed the issue of internal process crashes on Windows 10 Pro, Server 2016 and Server 2012 R2
  • Fixed the issue of twitching CCS icon
  • Fixed the issue of incompatibility between the security agent and Google Chrome Enterprise
  • Fixed the issue of mapping drives under incorrect directories
  • Fixed the issue of failed Antivirus signature database updates
MacOS
New Features
  • Disable real time scans on network items

    Real time virus scans are now optional for items on shared network drives. This can improve performance by eliminating needless scans on write-restricted files. If an endpoint does not have the rights to delete/quarantine files in a shared folder anyway, then there is little reason to scan them at this point. Any files copied to the endpoint will, of course, still be scanned locally.

Linux
New Features
  • External Device Control logs

    We added event logs for the USB control rule. The rule allows admins to block the use of USB devices on Linux endpoints. The new logs let you analyze events where there was an attempted breach of the rule.

Bug Fixes Fixed the issue of requesting password on scan initiation attempt

Remote Monitoring and Management

Bug Fixes
  • Fixed the issue of RMM service crashing.
  • Fixed the issue of Disk Space Monitoring's false alerts.
  • Fixed the issue of incorrect output in monitoring results.

Patch Management

Bug Fixes
  • Fixed the issue of not showing Russian characters in the Global Software Inventory.
  • Fixed the issue of Software Inventory loading failure.
  • Fixed the issue of available but not displayed 3rd party patches problem.

New Client Versions:

  • Windows Communication Client 6.29.27210.19070
  • Windows Client - Security 11.4.0.7615
  • Windows Remote Control 6.29.27171.19070
  • macOS Communication Client 6.29.27177.19070
  • macOS Client - Security 2.4.4.844
  • macOS Remote Control 6.29.27180.19070
  • Android Mobile Device Management Client 6.13.8.2
Version 1.3

Public release: 20 June 2019

Endpoint Manager Core

New Features
  • Bulk installation packages for Linux

    Customers can now create bulk installation packages of the Linux communication and security clients, simplifying the mass-enrollment of Linux devices. A much requested feature, MSPs can now use the same fast setup process they currently use for Windows and MAC devices.

  • Improved Maintenance Windows

    A maintenance window is a designated time-slot for your Endpoint Manager procedures to run. You can assign multiple procedures to a single window so they all run at the same, convenient time. Since introducing the feature in the last release, we’ve made several improvements to make maintenance windows even more useful:

    • Individual maintenance window settings

      The previous version allowed you to add multiple maintenance windows to a profile, and to set whether you want to randomize task start times and/or stop monitors during the window. However, you had to use these same randomize and monitor settings for all maintenance windows on the profile. The June release lets you create different settings for each window, and we’ve also added some totally new settings:

      • Stop or allow monitors on a per-window basis
      • Set task randomization options on a per-window basis
      • Set procedure options for non-responsive devices:

        • Run as soon as the device comes online
        • Run in the next maintenance window after the device comes online
      • Define times when maintenance windows should not run. For example, during holidays or vacations.
      • Block the following tasks if someone tries to run them outside of the maintenance time-slot:

        • Remote Control session
        • Remote Tool session
        • On-demand patch installation
        • MSI package installation
        • On-demand script procedures
        • On-demand patch procedures
        • Reboot system
      • You also have the option to receive notifications instead of blocking the task.
Bug Fixes
  • Fixed the issue of being unable to update to default security client version from device list.
  • Fixed the issue of adding Google Play application to application store.
  • Fixed the issue of uninstalling applications from all endpoints even though only a few is selected.
  • Fixed the issue of translation for language change through portal.

Security

New Features
  • Automatic reappraisal of quarantined items

    This new scan type lets you re-check all quarantined items on your endpoints to identify and restore false-positives. The new scan will be added to predefined profiles by default. You can find the related settings in under Scan Profiles under Antivirus settings.

  • Additional Virtual Desktop Settings

    The virtual desktop is a sandbox environment in which users can run programs and browse the internet without fear those activities will damage the endpoint. Applications in the virtual desktop are isolated from other processes, write to a virtual file system, and cannot access user data. Admins can even set up their endpoints so users and guests log straight into the virtual desktop, denying them access to the host.

    We added the following new features and settings to the virtual desktop:

    • Pause and lock a virtual desktop session with a randomly generated PIN number.
    • Set an expiry time for a paused virtual desktop. Paused sessions are terminated when the time expires. This prevents the virtual desktop from being locked indefinitely by the previous user.
    • Auto-launch the virtual desktop at logon for specific users. This allows admins to set up a fully-virtualized experience for their users.
  • Linux and Mac antivirus logs now available in ‘Security Dashboards’

    CCS antivirus events on Linux and Mac endpoints are now recorded as logs in the security dashboard. This is part of our commitment to create a truly centralized event management system for endpoints of all stripes.

  • Full Parent Process Tree for Contained Applications in ‘Containment’

    Virtualized application with process name and id are recorded including all process tree starting from the first contained one. With the help of this feature, investigation of the containment can be done with more details. You can display the logs by clicking the file name in Parent Process column in File Details under Containment. A pop-up will be prompted with the tree which will show the exact recorded chain for the contained application in corresponding device.

Bug Fixes
  • Fixed the issue of filtering on Security Dashboards
  • Fixed the issue of “Something went wrong” in Application Control

Remote Tools

New Features
  • Added the ability to download multiple remote folders via Endpoint Manager’s ‘File Explorer’ feature. To use the feature, click 'Devices' > 'Device List' > select a running Windows device > Click 'Remote Tools' > 'File Explorer’.
Improvements
  • Live search added to the process explorer feature. Filtered processes are shown as soon as you start typing in the search box.
  • Audit logs for remote tools added to the existing set of audit logs.
  • Multi-language support for the notifications shown on an endpoint when an admin starts a remote session.

Remote Control

New Features
  • Russian and Spanish languages are now supported in the Windows and Mac remote control applications.
Improvements
  • You can now cancel a connection attempt while still on the ‘connecting...’ screen. Previously, admins had to wait for the connection to complete before they could terminate the session.
  • Delete functionality for user email or domain/login information on the login screen is now available for Windows and MacOS Remote Control applications.
Bug Fixes
  • Fixed region auto-select issue on the US portal.
  • Inability to use "File Transfer Session" when Floppy Disk Drive exists on target device is now fixed.
  • Fixed connection errors that occurred when remotely connecting to MacOS devices.
  • Fixed ‘Device not ready’ errors during remote sessions.
  • Fixed error where devices were showing online in Endpoint Manager, but showing as offline in the remote control application.

Remote Monitoring and Management

New Features
  • Maintenance Window compliance warnings

    Endpoint Manager will warn you if you set an end-time for a patch procedure which is outside that of the maintenance window. The warning will list the maintenance window times so you can adjust accordingly.

  • Passing Parameters for Custom Script Monitors

    You can now use custom procedures with parameters when creating a monitor.

Improvements
  • Procedure Log Enhancements

    You can now filter execution logs by the following columns:

    • Device online status
    • Device Name
    • Started at
    • Started by
    • Launch Type
    • Finished at
    • Status
    • Last status update
  • New fields added to device execution logs. You can now export these logs with the following additional fields:

    • Last execution time
    • Last execution status
    • Additional information
    • Service Desk ticket link
    • Service Desk ticket status
    • Service Desk ticket created date
Bug Fixes
  • Fixed the issue of Endpoint Manager Portal sending late email notifications about triggered monitors.
  • Fixed the issue of incorrect time within email notifications about triggered monitors.
  • Fixed the issue of being unable to set “End Time Settings” correctly for scheduled procedures.

Patch Management

Bug Fixes
  • Fixed the issue about incorrect number of patches reported and shown in device list section in Endpoint Manager portal.
  • Fixed the issue about inability to silently uninstall RStudio1.1.463 64bit application.
  • Fixed the issue about inability to update OneDrive application.

Comodo Client Security

Windows
Connectivity Issues Regarding CCS v11.2
  • The engineering team investigated the issue from the first day of the incident, as some firewall-sourced connectivity issues were reported from some customers. Eventually, the issue is identified as it sourced from the complications of Firewall module refactoring during the transition from v11.1 to 11.2. Therefore, it has been decided that these refactorings should be reverted in this release. Internal tests and the tests on several customer environments were completed successfully. The team will keep working in depth to prevent recurrence of similar incidents. Due to this reversion, a few recent Firewall features will disappear. The detailed feature list can be found below. Please note that these features were not reflected to Endpoint Manager. Therefore, it will not require you to make any changes on your configuration under usual circumstances.

    • Ability to specify criteria for Firewall rules.
    • Rating, Containment status, Age, Parent Process etc
    • Ability to create Firewall rules for IPv6 address ranges
New Features
  • The antivirus scanner will now skip files that take longer than 5 minutes to scan. This improves performance in manual and scheduled scans. Skipped files are shown in the scan results screen.
Improvements
  • New rule to auto-contain .msi installers. The new ‘Run Virtually’ rule applies to msiexec.exe files if the parent process is in the 'Management and Productivity Applications' group. This improves security by virtualizing any unknown files launched via msiexcec.exe by legitimate applications in the group.
  • View logs straight from the tray icon. You can now access the ‘View Logs’ interface by simply right-clicking on the CCS tray icon.
  • Enable/disable HIPS from the tray icon. Quickly activate or deactivate HIPS from the right-click menu of the CCS tray icon.
  • Added ‘Block’ actions to the containment parent process tree. Processes blocked by the containment module are now logged in Containment Logs > Parent Process records. This improves visibility during forensic investigations.
  • ‘Reputation’ column renamed as ‘Rating’ in the auto-containment rules screen. This change is to improve language consistency across product interfaces.
  • Caps-Lock Warning. You are now warned if caps-lock is on when entering the client access password.
Bug Fixes
  • Fixed the issue of not minimizing Virtual Desktop
  • Fixed the issue of Full Antivirus scan failures
  • Fixed the issue of reporting internal containment services to EM
  • Fixed the issue of BSOD after CCS installation
  • Fixed the issue of BSOD when a cellular modem is enabled on the endpoint
  • Fixed the issue of internal Comodo services crashs on Windows Server 2012 R2
Linux
New Features
  • External device control rule for USB Devices. New rule lets you block the use of USB devices on Linux endpoints. You can create exceptions for specific devices if required.

New Client Versions:

  • Windows Communication Client 6.28.26320.19060
  • Windows Client - Security 11.3.0.7475
  • Windows Remote Control 6.28.26299.19060
  • macOS Communication Client 6.28.26178.19060
  • macOS Client - Security 2.4.4.834
  • macOS Remote Control 6.28.26274.19060
  • iOS Mobile Device Management Client 1.2.27
  • Android Mobile Device Management Client 6.13.6.9
  • Linux Communication Client 6.28.26228.19060
  • Linux Client - Security 2.2.1.458
Version 1.2

IT Operation Platform Hotfix: 17 May 2019

Endpoint Manager Core

Bug Fixes
  • License expiration mails are extended with:

    • Contact information for portal.
    • Unsubscribe option
  • Report settings are extended with option to send license usage report only to account admin.
  • Fixed the issue of translation for Endpoint Manager when language change from portal.

Public release: 13 Apr 2019


On-Premise Specific

New Features
  • AV DB, CCC, CCS Update Management

    Last production AV DB, CCC and CCS versions will be available with distributed on-premise solution without internet connection requirement (admin have to configure profile update from his own domain)

  • On Premise Analytics System

Endpoint Manager Core

New Features
  • License Management for Advanced Endpoint Protection

    With this release, you will be able to manage licenses for Advanced Endpoint Protection to manage licenses for devices with Comodo Client Security is installed.

    • You will be able to distribute your seats in your licenses between your customers and manage allocation for a specific customer from different licenses at
    • the same time.
    • you will be able to assign licenses to specific customer or use as global to manage it for all customers
    • you will be able to setup license usage reports for tracking the activities of a specific license
    • you will be able to get notified about expirations of the licenses
  • Maintenance Windows

    You will be able to define maintenance windows in order to create a planned maintenance calendar. With this feature:

    • You will be able to create maintenance window for different timeframes.
    • You will be able to stop monitors in this period
    • You will be able to schedule procedures to a specific maintenance window.
    • You will be able to randomize the tasks that you plan in order to prevent performance issues.

    This feature is will be the first version. In the upcoming releases you will also be able to have below features:

    • blocking below on demand tasks or warning about it to the related staff

      • remote control
      • remote tools
      • patch installation
      • script procedures
      • patch procedures
      • other MSI package installation
      • reboot system
    • ability to define time frames in order to stop maintenance windows for special days like christmas, holiday etc.
    • ability to select the methodology for procedure running for offline devices in maintenance windows.
  • Management of Communication and Security Client Versions With this release, you will be able to plan updates for clients so that you can track your own plan for your portal. With this feature, you will be able to select a default version for communication and security clients under Portal Set Up section.; The default version will be applied to Endpoint Manager for enrollment, bulk installation, client updates and dashboard sections. you will also be able to enable or disable selecting different versions to be installed or updated by your staff.
Improvements
  • Support for operating systems

    We continue to develop Endpoint Manager as the platform which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now enroll devices which run the following operating systems:

    • Windows Server 2003
    • Windows Server 2008
    • Windows Server 2012
Bug Fixes
  • Fixed the issue of uninstallation of softwares from global software inventory.
  • Fixed the issue of event count alignment with portal dashboard and list in security sub systems.
  • Fixed the issue with CCSM version in device list exported report.
  • Fixed the issue of e-mail and help link shared in question mark at top right of the screen.
  • Fixed the issue of addition of file group with sign “?”.
  • Fixed the issue with warning while adding iOS application to iOS app store.
  • Fixed the issue of high CPU usage for Android mobile device management clients.

Security

New Features
  • Countdown timer for Training Mode.

    This feature enables you to set a restriction for HIPS and Firewall modules to run in Training Mode for a specified time period. The major benefit is that CCS running in Training Mode for a long time on endpoints may overwhelm by creating excessive amount of rules which results in performance issues on the endpoints.

  • Valkyrie section in MacOS Profiles.

    We’re proud to introduce our unique cloud file analysis system, Valkyrie to MacOS endpoints. Now, your unknown executables files (e.g. .dmg and Mach-o files) detected on MacOS endpoints will be sent to Valkyrie and be analyzed whether they are trusted or malicious. You can enable this component and unknowns on your system can be analyzed and required action taken on them automatically.

    • Lookup and Submit files for Analysis: Enable the agent to to perform lookups for unknown files and submit if their rating is unknown. Enabled by default
    • File size limitation. Set a file size constraint for the target files to be uploaded. The default value is 150 MB
    • The options available on the agent settings:
  • Valkyrie section in Linux Profiles.

    We’re proud to introduce our unique cloud file analysis system, Valkyrie to Linux endpoints. Now, your unknown executables files (e.g. .elf and other executables) detected on Linux endpoints will be sent to Valkyrie and be analyzed whether they are trusted or malicious. You can enable this component and unknowns on your system can be analyzed and required action taken on them automatically.

    • Lookup and Submit files for Analysis: Enable the agent to to perform lookups for unknown files and submit if their rating is unknown. Enabled by default
    • File size limitation. Set a file size constraint for the target files to be uploaded. The default value is 150 MB
    • The options available on the agent settings:
  • Security Dashboards - Device View.

    A brandnew approach to your system security monitor. With this feature, you will have an overall look to the security events based on the device that they takes place. By aggregating the security events per device, you will have the ability to display each device per the latest event and related CCS component. With the expandable line capability, you can expand and check for the latest events from the each component that reports any to the portal.

  • Restore Affected Autorun entries.

    With this feature, the suspicious autorun entries (e.g autoruns, Windows Services, scheduled tasks) and the target files will be reported to the portal with the action taken on them. You can see their current statuses whether they are blocked or quarantined, or ignored. Furthermore, you can enable the disabled service back and restore the quarantined files affiliated with that entry. Since you have more control on your system now, you can strengthen your autoruns policies in Miscellaneous section to enhance the protection level on your systems.

  • Virtual Desktop.

    With this feature, you can start managing Virtual Desktop environment, which was introduced in previous release of CCS. The current abilities in Profiles -> Containment-> Virtual Desktop are:

    • Password Protection. If enabled, password protection locks end-users in the virtual environment to stop them switching back to the host.
    • Launch Virtual Desktop upon user login. Starts the virtual desktop automatically as soon as the endpoint is booted. Enable this setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Virtual Desktop’.
    • Automatically reset Virtual Desktop on session termination. This setting is enabled by default and provides privacy for the user by automatically vanishing all the data and changes made in Virtual Desktop.
Improvements
  • Added WerFault.exe to "Windows system applications" default file group. This legitimate files used for Windows error reporting is added to the file group in order to be excluded from security policies in CCS.

Remote Tools

New Features

You’ll now have access to folder support via File Explorer:

  • Download single folder from the endpoint
  • Uploading single or multiple folders to the endpoint.

Remote Control

New Features
  • File Transfer via Remote Control Application

    Long waited File Transfer via Remote Control Application will be available with the April release!

    • You can now transfer files through the Remote Control Windows Application. Just go to device list and initiate your session!
    • You can initiate File Transfer sessions through Endpoint Manager (if you prefer in-portal transfers, we suggest you to use File Explorer under Remote Tools)
    • You can run File Transfer simultaneously when you are in a Remote Control session.
    • You’ll be able to queue to be transfered files, start and stop the transfers through the queue pane
    • You can create, rename, delete folders on the remote device (as well as on your device)
    • You can rename and delete files on the remote device (as well as on your device)

    What is next for File Transfer?

    • Role based Access Scope, Device Profile Settings, Audit Logs are coming soon.
    • In session File Transfer via drag & drop and triggering File Transfer via the viewer’s action toolbar are coming soon as well!

Remote Monitoring and Management

New Features
  • Create Discovery Widget

    You will be able to create network discoveries even easier with two steps with necessary information, while creation process.Here is the wiki of this feature.

  • Schedule Discoveries

    Network discoveries can now be scheduled daily, weekly or monthly. You can set schedules for different time periods.

  • Device View for Discovered Devices

    You can now view summary and network details of a discovered device by clicking device name inside discovered devices list.

  • Device Type

    Devices can be differentiated by type from now on. There will be "Device Type" in Device List and Discovered Devices List. Each Type of device will be represented in different icon. You will be able to easily change the type of a device manually.

    Available Device Types are:

    • Router
    • Printer
    • UPS
    • Switch
    • Load Balancer
    • Firewall
    • Workstation
    • Server
    • Mobile
    • Other
    • Unknown
  • Passing Parameters for Auto Remediation

    You will also be able to use procedures with parameters in auto remediation section while creating a monitor.

Improvements
  • Procedure Logs

    Procedure Log Statuses are now colored for better traceability.

Comodo Client Security

Windows
New Features
  • Enriched Virtual Desktop functionalities.

    We keep improving our recently introduced tool to make it more beneficial and easy to use.

    • PIN protection for the paused session.

      When enabled, a PIN will be automatically generated for the paused session and displayed to the user. Then, user can continue his session when gets back to the endpoint by keeping the previous work on the endpoint.

    • Re-branding options.

      The background, Comodo related icons can be rebranded for a more flexible usage.

    • Management of the applications to be presented on Virtual Desktop.

      User can select which application icons to be shown on Start Menu and on the desktop so that Virtual Desktop users have access to the specified items easily.

    • Option to select users to be forced into Virtual Desktop at login.

      Now, you can select the user types and specifis users which you want them to directly land on Virtual Desktop session when they login to the endpoint with their credentials.

  • Firewall for Windows Servers.

    We completed the work for a better protection and are proud to announce Firewall for Windows Servers. Now, Firewall module can be installed and configured on your server systems. By default, CCS is installed without the firewall component because server environments require fine-tuned configuration.

  • Advanced Firewall Application Rules criteria.

    With this feature, you can create more granular Firewall application rules which can check:

    • Rating of the target file: You can specify a file rating in a rule and it is applied to the files with the same rating and match the other criteria.
    • Age of the target file: You can specify file age in a rule and it is applied to the files with the specified intervals and match the other criteria.
    • Containment Status of the file: You can specify containment status in a rule and if the target file is running in the containment, the firewall rule will be applied to it.
  • Option to specify IPv6 address range in Firewall rules. From now on, you can enter IPv6 address range in the Firewall rules.
Improvements
  • ‘At Risk' status on Windows Servers.

    The agent will switch to “At Risk” status when Containment is disabled. This information will be reported to Endpoint Manager and be reflected to the status icon in Device List as well.

MacOS
New Features
  • Valkyrie Integration.

    We are proud to announce CCS for Mac has integrated to Valkyrie, the cloud file analysis system of Comodo. When CCS detects an unknown executable file (e.g. .dmg and Mach-o files) whose size is smaller than 150 MB, it will upload the file to Valkyrie. When analysis is completed, the verdict will be applied to the file and the agent will block the file unless it is a trusted one. You can enable this component and unknowns on your system can be analyzed and required action taken on them automatically.

  • TLS 1.2 Upgrade.

    To comply with the best industry security practices, we are upgrading the protocol used in our security client to Transport Layer Security (TLS) 1.2.

Linux
New Features
  • Similar to our MacOS addition, we added Valkyrie to CCS for Linux.

    When CCS detects an executable with an unknown trust rating, it will upload the file to Valkyrie for behavior testing. The test results will tell CCS whether the file is trustworthy or malicious. CCS with either allow or block the file based on the result.

Bug Fixes
  • Fixed the issue of asking for password before on-demand AV scans
Version 1.1.0

Public release: 16 Feb 2019

Endpoint Manager Core

New Features
  • TLS 1.2 Upgrade

    To comply with the best industry security practices, we are upgrading the protocol used in our communication client (CC) to Transport Layer Security (TLS) 1.2 You will need to make sure that the version of CC on your Windows (XP, 2003 Server, 7 and 2008 Server) devices is version 6.16.10680.18030 or higher before 07-01-2019 (July 1st 2019).

Improvements
  • Logged in User

    Added the ability to see the user logged into a device in the ‘Device List’. You can search, sort and filter according to this new field.

Bug Fixes
  • Fixed the issue of upgrade button under license options section.
  • Fixed the issue of phone numbers under support section for ITarian and Comodo ONE
  • Fixed the issue of delayed application of profile settings to devices.
  • Fixed the issue of role management for editing device name.
  • Fixed the issue of high CPU usage for communication client.
  • Fixed the issue of communication client proxy settings with symbol '\'.
  • Fixed the issue of notifications which cannot be removed for Android devices.
  • Fixed the issue of grey screen in Kiosk mode for Android devices.

Security

New Features
  • Improved heuristic analysis and embedded code detection settings.

    With this feature, interpreter interactions with suspicious autoruns items can be configured separately for each interpreter type. This means even better protection against malicious code triggered by Windows start-up and auto-run items. You can configure the feature in the new ‘Script Analysis’ section in Profiles.

Improvements
  • New ‘Script Analysis’ section. ‘Heuristic Command Line Analysis’ and ‘Embedded Code Detection’ have been moved to the new script analysis section in a profile. This provides more granular management of security components.

    • General Settings. You can enable or disable the ‘Runtime Detection’ feature from this tab, and also limit the size of scripts which should be analyzed.
    • Runtime Detection. ‘Heuristic Command Line Analysis’ and ‘Embedded Code Detection’ settings have been moved to this section.
    • Autoruns Scan. Interpreter configuration for scanning/monitoring autorun items can be done from this section.
  • Valkyrie details about a file can now be viewed in the ‘Security Dashboards’ area. Simply select a file in the security dashboards screens and click ‘Valkyrie details’.
  • Download Valkyrie reports from the security dashboard. Simply select a file in the security dashboard and click ‘Valkyrie Report’ to view granular information about the file.
  • Added a ‘Show ignored containment events’ filter in to the security dashboard. In ‘Event View’, you can now show all ignored containment events. We think you’ll find this addition useful, but please note that we disabled the new filter by default. This is a practical move to highlight more important activities and lessen the potential noise created by multiple ignore events.

Remote Tools

New Features

New additions to file explorer functionality. We know you’ve been looking for these and we’re excited to deliver!

  • Upload files of any format to remote endpoints from your admin device (50MB file size limit). Folder and multi-file support coming soon. Here is the wiki for this feature
  • New remote folder operations:

    • Create folders
    • Rename folders & files
    • Delete folders & files
  • You can enable or disable folder operations for specific staff by configuring the user role (‘Users’ > ‘Role Management’).
Improvements
  • More informative error messages in the file explorer interface allow you to troubleshoot and react to issues faster.
  • Moved the info box that appears on an endpoint during remote connections to the bottom left corner of the screen. We expect this repositioning will improve user experience by freeing up desktop space.

Remote Control

Bug Fixes
  • On some MAC endpoints, crashes observed and this caused connection initiation. The issue was identified and is fixed.

Remote Monitoring and Management

New Features
  • Network Management

    We are proud to announce the addition of a brand new section for network management. The first feature in the new section is ‘Network Discovery’, and we’ll be adding many more network capabilities in upcoming releases.

  • Network Discovery:

    • Discover devices from the probe device you select
    • Add new IP ranges for discovery
    • Add exclusions for IP ranges
    • Set SNMP v1.2 to discover network devices
    • Get alerts and logs when items are discovered
    • Easily view discovered devices in ‘Device List’ > ‘Discovered Devices’.
Improvements
  • Custom scripts failures for monitoring

    With this release, custom scripts monitors could be setup by ability to select the trigger for script failures.

Bug Fixes
  • Fixed the issue of high CPU consumption of monitors.
  • Fixed the issue of repeating service crash of monitors for some customers.

Comodo Client Security

Windows
New Features
  • Prevent registry keys from being read by contained applications.

    You can now stop the virtualization of specific registry keys by the containment module. This will prevent unknown applications from reading potentially sensitive data held in those keys (write access is already disabled by default). You can access the setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Protected Objects’

  • Option to disable real time scans on network items.

    Real time virus scans are now optional for items on shared network directories. This will improve system performance because, if an endpoint does not have the rights to delete or quarantine items in shared folders anyway, there is less reason to run real time scans on them. Network files that are copied to the endpoint will, of course, still be scanned and handled locally.

  • Antimalware Scan Interface (AMSI) Integration.

    CCS now provides even better malware protection via our integration with Microsoft AMSI. This means deeper software scans and stronger protection for your endpoints. The option is disabled by default, but can be enabled in ‘Advanced Settings’ > ‘AV Settings’ > ‘Real time scan’.

  • Virtual Desktop.

    With this brand new component, you can virtualize your entire desktop and perform all tasks within a fully virtual environment. Everything!! Applications running in the virtual desktop are isolated from the rest of the endpoint, write to a virtual file system, and cannot access personal data. This makes it ideal for surfing the net without risk and even for testing out beta/unstable software. You can save any data you wish to keep to a special folder called ‘Shared Space’, which the host system can also access. You can launch the virtual desktop from CCS at Containment Tasks > Run Virtual Desktop. Go ahead and try it!

  • Admins can also set the following items for the virtual desktop:

    • Password Protection. If enabled, password protection locks end-users in the virtual environment to stop them switching back to the host.
    • Launch Virtual Desktop upon user login. Starts the virtual desktop automatically as soon as the endpoint is booted. Enable this setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Virtual Desktop’.
Improvements
  • ‘Protected Objects’ are now under containment settings.

    ‘Protected Data’ and ‘Protected Keys’ have been moved to ‘Advanced Settings’ > ‘Containment’. This improves UI consistency by grouping these two items with related features and settings.

Bug Fixes
  • The issue with firewall driver that causes connection problems is fixed.
  • The issue with CCS Task Logs which was caused by spontaneous reboots during AV scans is fixed.
  • The issue with applying profiles to CCS is fixed.
  • The functionality issue with “jump folder” in scan window is fixed
  • The issues that caused performance problems are fixed.
Linux
New Features
  • TLS 1.2 Upgrade

    To comply with the best industry security practices, we are upgrading the protocol used in our security client to Transport Layer Security (TLS) 1.2.

Bug Fixes
  • The issue with restoring quarantined items is fixed.
  • The performance issue regarding to the compatibility with some specific browsers is fixed.

New Client Versions:

  • Endpoint Manager - Server version 6.26.22682.19020
  • Windows Communication Client 6.26.22611.19020
  • Windows Client - Security 11.1.0.7229
  • Windows Remote Control 6.25.21754.19010
  • macOS Communication Client 6.26.22671.19020
  • macOS Client - Security 2.4.2.791
  • macOS Remote Control 6.25.21758.19010
  • iOS Mobile Agent 1.2.27
  • Android Mobile Agent 6.13.5.11
  • Linux Communication Client 6.25.21662.19010
  • Linux Client - Security 2.2.1.400

Public release: 19 Jan 2019


Endpoint Manager Core

New Features
  • New enrollment options for macOS Devices

    You can now enroll macOS devices to Endpoint Manager without needing to first install a device profile. This also applies to bulk enrollments.

    This lets customers use Endpoint Manager to manage security on Mac devices while continuing to use their preferred platform for general Mac management.

    Apple only allow one portal to use the protocol which manages devices. This caused problems with customers who wanted to use Endpoint Manager in conjunction with another MDM platform. The new enrollment method solves this issue and lets Endpoint Manager co-exist with solutions from other vendors.

    Note. If you use this type of enrollment you will not be able to manage the following sections in an Endpoint Manager profile:

    • Certificates
    • Restrictions
    • VPN
    • Wi-Fi
  • Export functionality for Audit logs

    We added exporting mechanism to Audit Logs section.

  • ITarian branded Android and iOS mobile agents

    The iOS and Android agents will be renamed as ‘Mobile Device Management Client’, published by ITarian. The following branding changes will apply to iOS and Android agents:

    • Agents renamed as ‘Mobile Device Management Client’
    • Endpoint Manager branding and logos used on all agents
    • ITarian LLC added as the publisher of the clients
    • The clients will be available on Google Play and the Apple Store as well as through the Endpoint Manager interface.
Improvements
  • Support for the latest operating systems

    We continue to develop Endpoint Manager as the platform which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now enroll devices which run the following operating systems:

    • Linux CentOS 7
    • macOS 10.14
    • Windows Server 2019
  • Audit Logs

    Improved log interface. Both old and new values are now shown in logs which record changes to UI Settings.

Bug Fixes
  • Fixed the issue of filtered view of devices when an installed app name is clicked from inside device details->installed apps section.
  • Fixed the issue of not working installation of custom MSI packages from device list.

Security

New Features
  • Export functionality added to the ‘Security Dashboards’ section

    You can now export security component logs from the ‘File View’ and ‘Event View’ tabs.

    Click ‘Security Sub-Systems’ > ‘Security Dashboards’ to open the security dashboard.

  • File Rating Columns added to security dashboards

    Added ‘Admin’ and ‘Comodo’ rating columns to the ‘File View’ and ‘Event View’ tabs. Both new columns show old and current values.

    The ‘Old’ rating is the file rating before the event occurred. ‘Current’ rating is the most recent verdict since the event.

  • File Details in Security Dashboards

    You can now view more granular details about files caught by Endpoint Manager security components. Security components include the antivirus scanner and file-rating scans.

    From January, you can select a file then click the ‘File Details’ button to view:

    • File Details

      • Last detected file name: Name of the file when it was most recently scanned
      • SHA1: SHA1 hash value of the file
      • First Seen by Comodo: Date the file was first reported to Comodo threat labs
      • First Seen on my Network: Date the file was first detected on one of your devices
      • Number of endpoints: Number of endpoints on which the file was found
      • Comodo Rating: The trust verdict on the file from Comodo threat labs
      • Last Update of Comodo Rating: Time the Comodo rating last changed
    • File History

      A detailed breakdown of a file’s activity on your endpoints. You can see all endpoints on which the file was found, the security component that detected it, and the action that was taken against the file.

      You can take the following actions from this page:

      • Change the file rating
      • Delete the file from specific or all endpoints
      • Restore the file from quarantine
Bug Fixes
  • Fixed the issue of re-enabling Baseline after any change on EM Windows Profile is saved.
  • Fixed the saving issues of Containment rules with “Started By” criteria

Remote Tools

New Features
  • Admins can now set remote tool options in profiles.

    You can now configure access for different Remote Tools - File Explorer and Process Explorer. The following options are available:

    • Silent control

      Take control without notifying the end-user

    • Ask then allow (waiting time is configurable in seconds)

      Ask end-user permission but take control anyway if they don't respond within a set time

    • Ask then deny access (waiting time is configurable in seconds)

      Ask end-user permission but close the connection if they don't respond within a set time

    • Do not allow

      Prohibit remote take-over of target devices associated with this profile.

    • Show notification

      Display a message on the target device which states that a remote session is active and the name of the admin who is connected. If enabled, you can also set the following:

      • Allow endpoint user to terminate the connection
      • Keep the notification window open after the session is terminated

Remote Control

Improvements
  • Support for the latest operating systems.

    We continue to develop the platform which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now remote control to your managed endpoints which are running on macOS 10.14.

ITarian Remote Access

Improvements
  • Support for the latest operating systems.

    We continue to develop the tools which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now remote access to your unmanaged endpoints which are running on macOS 10.14 through our standalone application.

Remote Monitoring and Management

New Features
  • You can now monitor operating system patch events.

    Operating system patches can be monitored by patch classification, severity level and other conditions. OS patch event logs are available in ‘Device list’ > device > ‘Logs’ > ‘Monitoring Logs’. Here is the wiki of this feature.

Improvements
  • New columns in ‘Profile’ > ‘Procedures’ - ‘Added By (user)’ and ‘Added On (date)’
  • New filters added to ‘Procedures’ > ‘Execution Logs’ - You can now filter by script procedure.
  • Monitor status’ indicator - added to ‘Device’ > ‘Monitoring Logs’ > ‘Details’ > ‘Status’.

Comodo Client Security

Windows
New Features
  • Admin rating lookups from Local Verdict Server are handled in the background when a file is executed.

    File rating flow is enhanced with a refactoring of Local Verdict Lookups. Now, file launches are not be affected by rating checks, which improves the performance of endpoint.

  • Parent process tree in Containment Logs.

    Now, starting from the first initiator of a contained application, all process tree is available in Containment Logs in CCS. You can display the very first application of a contained process and detect which application is the first one contained.

  • Restore disabled and quarantined Autoruns items.

    As the extension of Windows Boot Area Scan and Monitoring features, now you can manage the items which are blocked and quarantined by these abilities. Following actions are available in CCS General Tasks>Unblock Autoruns section:

    • Unblock: Enable selected scheduled task/Windows Service/Autostart entry which was disabled previously.

      When you unblock an item, related executable file will be restored from quarantine. Unless an exclusion rule is created for that file or its rating is changed to Trusted, it will be quarantined while the same autoruns item is disabled.

    • Delete: You can delete an autoruns item from its original location.

      If you delete a scheduled task item from this list, it will be removed from Windows Scheduled Tasks as well.

  • Blocking specific external device.

    Now, it is possible to block only specific external devices. By selecting a currently plugged-in device or entering a device ID, you can create rule to block it in Device Control section. By doing so, you have the option to allow a whole device class with some exceptions.

  • Detection of firewall driver status in Windows network adapter settings.

    From now on, status of Comodo Firewall adapter, which is installed to Windows Network & Internet settings, is monitored. When it is disabled by any reason, it will be detected and logged by CCS automatically. When such event occurs, Security Status Information section is switched to “At Risk” status by stating “Firewall driver is disabled in network adapter settings” message. In addition, you can set CCS to re-enable it from Firewall Settings section. By default, the functionality is enabled in “Log Only” mode.

  • Defining size limits for archive files scanned by Real-time AV.

    With this functionality, you can manage file size limits for archive file types to be decompressed and scanned during real-time AV scan. By configuring limits for specific files extensions, you can optimize your endpoint performance.

Improvements
  • Program Updates options removed from CCS Updates Settings

    • Program updates options removed in Updates tab in order to solve management and security issues.

    • Automatically Download Program updates and Automatically Install Program Updates in Critical Situations options are removed from endpoint UI.

  • Hiding Website filtering section in CCS UI

    • CCS UI upgraded to solve management and authorization issues by hiding Website Filtering section. Also we provide more clear view and a better user experience by hiding Website Database Update Filtering by default.

  • Periodic updates of Local Verdict Server is refactored in order to be handled at a separate schedule.

    Now, Antivirus Database updates and Local Verdict Server updates will be performed as different tasks in different schedules. By default, LVS updates is checked at every 1 hour.

  • Skipping online resource look-ups in case of no internet connection.

    In order to improve performance of the endpoints, CCS checks the status of Internet connection before performing online look-ups such as Antivirus DB updates, file submission to Valkyrie. In case of no available internet connection, these lookups will be skipped to prevent resource consumption. This setting is disabled by default.

  • Updated CCS installation package according to Microsoft requirements.

    CCS Installation package is refactored so that registration of our product to Windows Security Center could be completed smoothly. Thus, CCS installation routine is compatible with latest requirements of Microsoft.

New Client Versions:

  • Windows - Communication Client 6.25.21986.19010
  • Windows - Comodo Security Client 11.0.0.7181
  • Linux - Communication Client 6.25.21662.19010
  • macOS - Communication Client 6.25.21980.19010
  • macOS - Security Client 2.4.2.777
  • iOS - Mobile Device Management Client 1.2.25
  • Android - Mobile Device Management Client 6.13.4.14
Version 1.0.0

Public release: 01 Dec 2018

Endpoint Manager Core

Improvements
  • Support for the latest operating systems
    We continue to develop Endpoint Manager as the platform which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now enroll devices which run the following operating systems:

    • Android 9
    • iOS 12
    • Ubuntu 18
  • Audit Logs

    • We improved the log interface to show both old and new values in logs which record profile changes.
    • We improved the logs to store changes and updates under File Group Variables.
  • Export scope

    • You can now export all information in the ‘Device Summary’ section of a device. Here is the wiki of this improvement.
  • Enrollment Instructions

    • iOS and macOS enrollment instructions are now listed separately.
Bug Fixes
  • Fixed the issue of Sneak Peek is not working for Android.
  • Fixed the issue of wrong phone numbers inside Support Page.
  • Fixed the issue of changing file rating from Security Dashboard.
  • Fixed the issue of constant loss of bluetooth connection for Android devices.
  • Fixed the issue of full wipe is not working for Android.
  • Fixed the issue of applying language preferences to CCS via ITSM Profiles
  • Fixed the issue of running status of communication client with custom monitors

Remote Control

Bug Fixes
  • Remote Control for Mac had an installation error on MacOS Siera 10.13.
  • None of the endpoints in customer's account were showing online or available in ITSM and CRC.

Comodo Client Security

Windows
Improvements
  • The root cause of the major issue which caused some particular customers' systems freezing is identified and the related fix is included in this hotfix release. The main problem was a system level technical issue in the driver architecture of Comodo Client Security. Since our first aim is to deliver a stable and reliable build, our teams intensively focused on this exceptional issue. Hence, the new features which were designed to be released in December are postponed to the next release in order to provide a better experience.
Bug Fixes
  • Fixed freezing and slowness issues caused by internal drivers.
  • Some performance issues caused by CCS internal methods are fixed.
MacOS
Improvements
  • Support for the latest operating systems
    We continue to develop Comodo Client Security for Mac to let you manage and secure every possible device on your or your customer’s network. In addition to the existing list, you can now enroll devices which run on MacOS 10.14.x
Bug Fixes
  • Some compatibility issues with VMWare environments is fixed
Linux
Improvements
  • Support for the latest operating systems
    We continue to develop Comodo Client Security for Linux to let you manage and secure every possible device on your or your customer’s network. In addition to the existing list, you can now enroll devices which run on Ubuntu 18.04

Mobile Applications

Improvements
  • iOS 12 support
  • Android 8 support
  • Android 9 support
Bug Fixes
  • Fixed the issue of not being able to use new line character is fixed.

New Client Versions:

  • Endpoint Manager - Server version 6.24.20220.18120
  • Windows Communication Client 6.24.20210.18120
  • Windows Client - Security 10.8.1.7117
  • Windows Remote Control 6.24.20211.18120
  • macOS Communication Client 6.24.20462.18120
  • macOS Client - Security 2.4.1.687
  • macOS Remote Control 6.24.20141.18120
  • iOS Mobile Agent 1.2.24
  • Android Mobile Agent 6.13.3.34
  • Linux Communication Client 6.24.20174.18120
  • Linux Client - Security 2.2.1.287