Fixed Issues In Release 124.0.0
Fixed Issues In Release 124.0.0
Here is the list of fixed issues in this release
| Issue Number | Category | Description |
|---|---|---|
| 544784 | Advanced Analytics (NAA) | Fixed an issue where the application lookup method for events generated from the API Connector access method displayed incorrect applications tags. |
| 589144 | Fixed an issue when newly created tenants do not have Reports (New Experience) available yet and users attempt to access these reports, a blank page and error messages display. | |
| 580047 | CASB Real-time Protection | Added new Dropbox resources to improve Instance detection. |
| 586498 | Added support to detect image file upload and download activities in the Skype application. | |
| 578474 | Fixed an issue where Authproxy configuration was not compatible with a flag. | |
| 571840 | Microsoft Planner Application can now be accessed via Reverse Proxy. | |
| 569469 | Classic API Data Protection | Previously, when files with an encrypted Microsoft Purview Information Protection (MPIP) label were uploaded as part of the quarantine flow to the Microsoft Office 365 SharePoint destination, the SaaS application’s API response incorrectly returned the file size as 0 bytes, causing the tombstone creation to fail. This issue has been resolved, and the API now correctly reports the file size, ensuring successful tombstone creation. |
| 565414 | Previously, a downloaded Microsoft Purview Information Protection (MPIP) encrypted quarantine file failed to open due to file corruption. This issue has been resolved, and the file now retains its integrity upon download, ensuring successful access. | |
| 577204 | Email DLP | Fixed an issue where Incident Id was not populated in DLP events generated via SMTP Proxy as access method. |
| 546963 | Endpoint DLP (EPDLP) | In previous versions of Endpoint DLP on MacOS, when the user disconnects the Wi-Fi, plugs in a USB, reboots the machine, and connects the Wi-Fi back again the USB device is not blocked and remains accessible until the device is removed and reinserted. |
| 526160 | Some USB devices from Kingston, iStorage, and DataLocker were inappropriately identified by USB Device Control. | |
| 558471 | Netskope Explicit Proxy does not support Endpoint DLP communication. If both Netskope Client and Netskope Explicit Proxy are being used together, Endpoint DLP ignored the proxy configuration. | |
| 504828 | Fixed an issue where Endpoint DLP incorrectly changes the read-only attribute for files stored stored in SolidWorks PDM. | |
| 498774 | Fixed an issue where shutdown race-condition could rarely cause a BSOD on system shutdown. | |
| 597026 | In R123, Endpoint DLP incidents with Original File download enabled could not download the original file when the incident was from a cached scan. In the DLP Incident page, this usually meant that a user could only download the original file from the oldest incidence of the Incident. This is fixed for incidents created with R124. | |
| 595613 | When “Save As PDF” was used, the Excel API fires a “BeforePrint” api event, causing Printer Content Control to evaluate the saved document as if it was being printed. This could cause Printer Content Control policies to prevent spreadsheets being saved as PDFs. | |
| 595610 | Fixed an issue for Printer Content Control where some printed documents that use GDI printers can result in black text on a black background, making the original file impossible to read. | |
| 595606 | Notepad++ sometimes would hang for long periods of time when printing with Printer Content Controls enabled. | |
| 595576 | In R123, sometimes Endpoint DLP incident pages would not contain the “Download Original File” download link. | |
| 578454 | Sometimes Excel would fail to connect to the printer when using Printer Content Control policies. | |
| 572539 | In R123, File Share events were sometimes recorded with invalid paths such as “\\\”. These events are filtered out now. | |
| 569649 | Fixed an issue in Printer Content Control where original documents where incorrectly renamed the original source file as “.docx”, or “.xlsx”, or “.pptx”. When a user downloaded the original file from the Endpoint DLP Incident and tried to open, the download failed. Now, the file extension is correctly maintained. | |
| 552231 | When using Printer Content Control, printing to HP GDI Print drivers would sometimes go to Error Fallback inappropriately. | |
| 550682 | In previous versions going back to R119, the agent would still evaluate USB Content Control policies against files stored on USB devices made read-only by USB Device Control policies. This is fixed, if a file is opened from a read-only device, it is not evaluated against USB Content Control policies. This also prevents the associated events/alerts from being generated. | |
| 548214 | A Windows Error Check was observed when creating a Hyper-V virtual hard disk on an attached SSD device. This is fixed. | |
| 541408 | In previous versions back to R120, Printer Content Control policy may go to Error Fallback if the print job name contains the tab character. | |
| 541042 | In R121 printer constraints may incorrectly evaluate printer paths. A device constraint such as “\\A\” or “\\A\*” would not match “\\A\printer”. This is corrected. | |
| 538292 | For printer constraints, printers are now only “Network” or “Local”. “Shared” printers are removed and are now classified as “Network” printers. | |
| 503397 | The manufacturer field of some versions of iPad were displayed incorrectly by Windows USB Device Control. | |
| 498071 | Printer Device Control policies incorrectly displayed multiple block pop-up messages for some Brother printers do to incorrect handling of the setup print job. | |
| 496097 | Endpoint DLP incorrectly displayed the DLP policy, DLP profile, and DLP rule for alerts generated from some zip files. | |
| 419987 | USB Content Control policies failed for files with some long file names with specific length. | |
| 409382 | Printer Content Control events did not display the executable hash. | |
| 566868 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where the user alert was intermittently ineffective for HTTP2 traffic. When the server sends an informational early hints response before the actual response, it could cause the response to be incorrectly identified as a background request. |
| 546915 | Fixed an issue for loading a large file to Vimeo. | |
| 553989 | Originally, the SSL decryption page became stuck at loading when there was corrupted rule data in the database. With this fix, if there’s corrupted rule data, Netskope will display a message on the policy page pointing out policies with stale or invalid values. The names of the policies with corrupted data will also be highlighted in red. You can click the policy name to edit the match criteria to make policy valid. Alternatively, you can delete the policy. |
|
| 586273 | Netskope Private Access (NPA) | Enabling the NPA Browser Access DLP feature may inadvertently detect cloud applications as private apps, leading to inaccurate app detection and policy matching. When private applications share the same domain names as cloud applications, cloud app traffic could be misidentified as private app traffic, resulting in mismatches with RTP policies. This issue has now been resolved, ensuring that private applications are only recognized for NPA traffic. |
| 540572 | Remote Browser Isolation (RBI) | Prior to this change Netskope generated an alert when a URL request that matched an isolate policy corresponded to an application event as well. With this change, Netskope will not generate alerts when matching an isolate action, only an application event will be generated. |
| 30200 | Fixed an issue that prevented RBI from creating a new tab in specific situations, e.g. switching between tabs and right-clicking to open a new tab. | |
| 538194 | Traffic Steering | This fix resolved issues with Perform Server Name Indication (SNI) Check and Explicit Proxy over Client (EPoC) functionalities.
With this fix, tunnel reconnection clears the cache and resumes the functionality. |
| 577918 | Fixed an issue where Netskope Client did not restart NPA services automatically on Android and ChromeOS devices. This usually occurs during network switches or under unreliable networking environments. | |
| 505168 | Fixed an issue where the OTP Disablement was not working after enabling Netskope Client from the Devices page. | |
| 577990 | The screen casting for Chromebook devices failed when Netskope Client is enabled. The Chrome casting service involves real-time TCP, and UDP protocols. The current bypassing mechanism has a limitation to support this application. To address this issue, Netskope implemented a new bypassing mechanism based on the exclude routes supported in the Android VPN service. Note
|
|
| 565711 | Fixed an IdP enrollment issue on Windows. While performing IdP-based enrollment with Netskope Client if the username information or failed enrollment gets cached by SSO, the user can click the reset button on the enrollment window to temporarily disable SSO to restart the enrollment. |
|
| 577598 | Fixed an issue where the customized Email Invitation Expired template did not render properly after saving it. Instead, it displayed a static page. | |
| 555622 | Fixed an issue where enabling DNS security feature in a multi-user environment caused BSOD. | |
| 527991 | Fixed an issue where the interoperability between BWAN, Kaspersky anti-virus, and Netskope Client did not function properly. The fix is available through a feature flag. Contact Netskope Support to enable the feature flag for your tenant. | |
| 591721 | Fixed a deadlock issue that caused Netskope Client to go unresponsive to UI or nsdiag command. | |
| 593977 | Fixed a potential crash issue on Windows that can occur when the end user updates configuration on the Netskope Client UI. | |
| 593503 | Fixed an issue where Netskope Client crashed after enabling DEM feature. | |
| 595031 | When “Secure Config Validation” and “Dynamic Steering” is enabled, Netskope Client failed to get the correct Certificate Pinned Application list. This caused Netskope Client to not bypass Certificate Pinned Application traffic. This issue is now fixed. | |
| 553715 | Netskope Client depends on IWscProduct interface (Windows API) to detect AV status on the machine. ERROR_SERVICE_NOT_ACTIVE can occur if Windows Security Center service or other COM related services are not running. The possible reasons for these services not being active are: system restart/service crash (not Client service) and Netskope Client checking before its up and running. To fix this issue, Netskope Client registers with WscRegisterForChanges API (Windows API) to register for Windows Security changes. |
|
| 592680 | Fixed an issue by adding support for bypassing Certificate-pinned applications by Android systems directly for exceptions configured using a negative regular expression (regex). Refer to the following negative regex examples on how to:
^(?!.com\.microsoft\.emmx).*$^(?!.com\.microsoft\.emmx|com\.android\.chrome|com\.sample\.application).*$ |
|
| 578769 | Fixed an issue where an error message due to duplicate Domain exception did not appear properly on the WebUI. |
