Product release information for the VIPRE Endpoint Security - Server Edition Agent 11.0.7628 (Hot fix), released on April 16, 2019.
Bugs fixed
The following bugs have been fixed with this release.
- VPBAGENT-4388 - Active Protection uses an excessive amount of memory
Known issues and workarounds
This section lists issues that are known at the time of release. In some cases, these are bugs that we are working to resolve with a subsequent release. Other items may be due to causes outside of our control, such as bugs with other vendors' software. In all cases, we have tried to provide a workaround for you to consider, should you experience an issue.
If you have questions about a specific issue, please provide the issue ID (if applicable) when contacting our Technical Support team.
Agent-created simple firewall port exceptions do not block as expected [VPBAGENT-4209]
When simple firewall port exceptions are created, VIPRE does not block as expected.
Workaround: Create an advanced firewall exception
Navigate to the Advanced Exceptions screen in the VIPRE Agent, then select Help for detailed instructions.
- Open the VIPRE Agent
- Navigate to the Advanced Exceptions screen:
- Click Firewall > View Settings
- Under the Firewall section, click Exceptions...
- Click the Ports tab > Add Advanced....
You can add Advanced Exceptions from this screen. For detailed steps on adding Advanced Exceptions, click the Help button on this screen.
Agents running Windows Server 2019 do not reboot when clicking "Reboot Now" on a VIPRE Reboot Required condition [VPBAGENT-3920]
This is a condition that occurs due to changes in Windows Server 2019 security settings.
Endpoint devices running Windows Server 2019 will not reboot when the "Reboot Now" button is selected unless the user account is added to a specific Windows Local Security Policy. The default "Administrators" group cannot restart the Agent using this method.
Workaround 1: Add the user to the "Shut down the system" policy
To add a user account to the "Shut down the system" policy
- On the Agent machine, open the Windows Local Security Policy
- Add the required user account to the "Local Policies" > "User Rights Assignment" > "Shut down the system" policy
- Sign Out and Sign In to the machine (or reboot) for the policy change to apply
The next time VIPRE requires a reboot, the modified user will be able to reboot the machine using the "Reboot Now" button.
Workaround 2: Restart the Agent manually
Instead of using the Reboot Now button, users can manually restart the Agent through the Windows Start menu.
Device Control lists some devices as having an incorrect or unknown device type [VPBAGENT-4004]
Although Windows Device Manager shows the correct device type, Device Control lists some devices as incorrect or unknown device types. Therefore, incorrect and unknown devices will not apply any Device Control access permissions as expected.
Workaround for Printers: Due to how Windows defines device classes, when you restrict access to model IDs in the "USB Printers" category, Device Control also denies access to network printers. Using this method, you may add exclusions for specific network printers.
To exclude a network printer using the USB printer category
1. Navigate to Policy > Device Control tab
2. Locate the network printer that is showing as an "Unknown device"
3. Note the Model ID from Model ID column
4. Add an exclusion for this Model ID under the USB Printers category
Firewall trusted zones defined with IPv6 address ranges do not work [VPBAGENT-3187]
The VIPRE Agent does not recognize IPv6 trusted zone ranges, and treats any IPv6 traffic as non-trusted. Therefore, any firewall rules for non-trusted traffic will still apply.
There is no known workaround at this time.
Logging into a Citrix device with Active Protection enabled fails [VPBAGENT-275]
This is a known conflict between VIPRE Active Protection and Citrix User Profile Management (UPM). Attempting to login to a Citrix device with both services enabled causes the login to hang and eventually fail.
Workaround: Temporarily disable Active Protection for Agents that need to access Citrix devices.
Previous known issues
Microsoft Windows Defender continues to run even if the policy has Disable selected
For policies applying to machines running Windows Server 2016 or higher, selecting "Disable Windows Defender" does not actually disable Windows Defender.
Workaround: You may manually disable Windows Defender on these machines. Refer to these articles for more information:
- Disabling Windows Defender Antivirus on Windows Server 2016
- Microsoft TechNet article: Windows Defender Overview for Windows Server
VIPRE Business or VIPRE Business Premium agents on version 9.3 or earlier that are scheduled to upgrade to VIPRE Endpoint Security will not fully upgrade on the initial install
VIPRE has added multiple driver updates that are included with this release. Depending on the version of the drivers on your system and which features are enabled in your policies (e.g. Device Control), installation may require two or more reboots to complete the agent upgrade.
Workaround: Make sure any required reboots are completed. For the corresponding agent, check the Console > Agent Details > Agent Environment tab and verify the "Needs Reboot" column is not marked with an "X".
Color coding of agent version in console does not appear to be consistent for all out of date agents.
In the Protected Computers tab of the console, the agent version field is shaded orange for those agents that need to be updated to the latest agent software version. However, some agents that appear to be out-of-date are not shaded. Those agents include VIPRE Business or VIPRE Business Premium agents that do not have the highest build available. Agents that are not actively communicating are also not shaded but may be out of date.
Workaround: The agents will update with the correct status upon the next communication.
You may note VIPRE Business or VIPRE Business Premium agents reporting incorrectly. We recommend these agents be upgraded to VIPRE Endpoint Security to match your VIPRE Endpoint Security 11 console. This will give you our best protection for these devices and correct the reporting issue.
If you are not currently licensed for VIPRE Endpoint Security, please contact your sales representative (+1 855-885-5566 or Contact Sales) for more information on how you can upgrade.
When changing Active Protection settings within a VM environment, the changes take up to 15 minutes to apply
This is normal, as communication between the Console > VM takes some time to propagate.
When VIPRE scans an email archive, files are not quarantined properly
Workaround: Through your email client, perform a manual cleanup of the email archive containing the infected email. Once the infected email has been removed, re-scan the endpoint to confirm removal.
When managing over 500 agents, a full SQL database should be implemented
It is recommended that when managing over 500 agents, a full SQL database (versus SQLite) will provide the best performance.
See the following support article: Recommended SQL Server settings for a VIPRE Business Database
VIPRE Endpoint Security agents cannot run on Windows XP or Windows Server 2003
The software limitations of these older platforms do not provide the resources necessary for some more robust agent features. VIPRE Endpoint Security requires a minimum OS version of Windows Vista or Windows Server 2008.
Attempting to launch more than one instance of the administration Console (via terminal services) causes agent > Console communication to fail
This is a product design safeguard that prevents one administrator from overwriting a different administrator's settings without notification. Only one instance of the admin Console should be running at a time.
Push agent installations do not work if Simple File Sharing is enabled
Simple File Sharing prevents installation through the push option. You must manually create the MSI installer package and deploy the installer to the workstation.
See the following support article: Minimum Requirements for Agent Push Deployment
Without proper firewall configuration, agents are unable to contact the Console
An incorrectly configured firewall can prevent communication between the agent and the Console.
See the following support article: Minimum Requirements for Agent Push Deployment
Device Control policy changes may require an agent restart before they take effect
On Consoles upgraded to 9.6 or earlier, policy changes will not be applied until the agent is restarted.
Workaround: Manually restart the agent to apply policy changes.
To manually restart an agent
- Right-click on the agent in the grid
- Select Issue Remote Restart Command
The Database Migration Utility may crash if the SQL Database has any spaces in the database name
The Database Migration Utility for VIPRE 9.6 or earlier may crash during the migration process if your SQL Database has spaces in the name of the database.
Workaround: Resolution is under development. When created, database names should contain no spaces, no symbols, and no carriage returns.
Anti-Phishing does not work if Outlook is open during agent install
If Outlook is running when enabling Anti-Phishing in the VIPRE Console before pushing an agent installation, it will not function properly until Outlook is restarted.
Workaround 1: Shut down Outlook during agent installation when enabling Anti-Phishing
Workaround 2: Restart Outlook after agent install when enabling Anti-Phishing
Outdated Citrix drivers may cause BSOD on Windows 7 agents
Updating a Windows 7 agent to VIPRE Endpoint Security 9.6 or earlier can cause a blue screen state on systems with older versions of Citrix drivers on them.
Workaround: Updating the Citrix driver should resolve the issue.