Bug fixes

Filters for application behavior control and application lists ending with a backslash, followed by wildcards, incorrectly matched files in child directories. For example, c:\test\* matched c:\test\subdir\readme.txt. To match all files in all child directories, the filter must be c:\test\ or c:\test\**\*.

This is a behavior change: filters are now evaluated correctly!

If application behavior rules were saved in the DMC without selecting the 'Filters' tab, command line parameters were not saved, and changes to the target were not applied.

When decrypting BitLocker-encrypted partitions, events were sent without specifying any data. This resulted in an error message in the DES log file.

The menu item "Encryption" in the DOC Security Controls was not displayed if you only had BitLocker licensed.

When restricting the BitLocker password to numbers or numbers and Latin letters, dictionary files could not be used because the option was grayed out.

After resuming a delayed encryption, it was possible that external hard disks were also encrypted.

Fixed an issue that made the content search for files in rar archives unreliable.

If the 'Allow authorized user login' option is enabled for a usage policy, the currently logged in user can only accept the usage policy (without specifying another account) if they are also listed in the list of authorized users.

This is a change in behavior. If the logged-in user is to be able to accept the usage policy, they must be entered in the list via the 'Authorized users' option.

If the usage policy is configured with the option 'Launch self-service unlock after accepting usage policy', but the accepting user does not have authorization for self-service unlock, the usage policy can now simply be accepted without starting the self-service unlock.

This is a change in behavior. If you want to specify users who are allowed to accept the usage policy, you can enter them in the list using the 'Authorized users' option.

In the DMC, when browsing for COM ports (Devices -> Device class locking -> Serial ports (COM) -> Ignored port devices), the ports available locally (or on an agent connected via remote control) were not listed. PCMCIA adapters would have been displayed instead, if available.

The Linux agent can now be installed on the SUSE Enterprise desktop.

Fixed an issue in the user-related agent settings where the display of Disk Protection logon notifications did not work correctly.

The settings for the push installation of the agent via a linked DES were read from the central DES.

The content scanner has blocked some valid DOCX files.

It was not possible to control external drives with serial numbers on the macOS Agent.

The maintenance settings of clients are now correctly evaluated per client.

Events 704-706 have been moved to a more appropriate event category (Device events instead of Temporary unlock).

The option to select a file from the application inventory was also offered if no application inventory was available.

If a policy in the new format was created with a policy in the old format as a template, the new policy was empty.

In the DOC, any duplicate spaces in the event properties were replaced with a single space in the parameters, so that after copying and pasting, for example, ProductIDs, they could not be used correctly in rules.

In the detail view of computers, the "Definition" tab in the "Group memberships" window has been renamed "Static group definitions" to avoid confusion.

An error in the listing and correct counting of objects has been fixed. This error could occur with restricted DOC user authorizations (for OUs or groups).

Under certain circumstances, taking over a report from another user could lead to a loss of the report settings.