Build and Release Notes
      Back to home
      1. Vali Cyber Knowledge Base
      2. Product Support
      3. Build and Release Notes

      Build notes: ZeroLock® Endpoint Agent 2.x

      Build notes describe the changes that are included in each build that is created for Vali Cyber’s ZeroLock Agents.

      Before you install one of these builds, familiarize yourself with the new features, resolved issues, and other changes.

      Summary of Changes 

      The changes that are included in the ZeroLock Endpoint Agent builds are listed below: 

       

        Build 2.2.4 – February 03, 2024
      Item Number Description

      PM-166 

      Resolved agent deadlock during shutdown
        Build 2.2.3 – February 03, 2024
      Item Number Description

      LIBI-29 

      Enhanced the ZeroLock Agent monitoring process to ignore when a recursive child process “active” check is being executed. 

      PM-165 

      Resolved a Baldur crash due to applications race condition.
       
        Build 2.2.2 – February 01, 2024
      Item Number Description

      PM-146 

      Added support for ESXi Hypervisor OS 6.7, 7.x, and 8.x. 

      TYR-55   

       Resolved instance when installing ZeroLock on ESXi 7.0 host a Tyr zombie process was created. 

      PTRACE-32 

      Addressed customer issue where a program was crashing due to overlapping memory with injected code. 

       

      PM-160 

      Resolved issue of a file tampering alert not being generated on ESXi 6.7.  There were no similar issues with ESXi 7.x.  
        Build 2.2.1 – January 31, 2024
      Item Number Description

      AGENT-289 

      Developed and incorporated ESXi specific Network Access Rules. 

      TYR-54 

      Secure boot support added for ESXi. 

      AGENT-288 

      SSH-MFA enable for ESXi agent. 

      AGENT-290 

      Added an ESXi specific Program Filter. If checked, the agent will scan the filesystem and only allow the executables that were present on the system during the scan to run. Any new programs added to the system will be blocked automatically 

      AGENT-297 

      Add new config option for ESXi command scan regex. 

       

      AGENT-299 

      Baldur enhanced to automatically exit if Tyr dies. 

      AGENT-304 

      Resolved issue of the terminal window session hanging after a tampering alert on an ESXi host is released. 

       

      AGENT-308 

      Addressed issue in which selecting Remediate was not restoring all the files on an ESXi environment. 

       

      AGENT-315 

      Resolved instance of an ESXi endpoint after de-activating/activating protection, tampering alerts (process kill/file creation/modification) were not getting generated from the currently opened ssh sessions. 
        Build 2.1.10 – November 28, 2023
      Item Number Description
      PM-158

      Resolved Baldur crash condition where ZeroLock Agent v2.1.9 was not allowing SSH session when installed on Manjiro. 
        Build 2.1.9 – November 28, 2023
      Item Number Description
      PM-156

      In response to customer issue, reduced Agent CPU utilization resulting from ps commands.
      PM-157

      Improved the memory utilization of the ZeroLock Agent by cleaning up the exited processes after 15 minutes.  Exited processes are processes that the Zerolock agent was injected into and monitoring but are no longer running.
        Build 2.1.8 – November 28, 2023
      Item Number Description
      Zero-1301

      Resolved issues relating to ZeroLock Agent installation on SuSE v15.5. 
      PM-153

      Resolved Baldur logging errors on Centos 7.9 and RHEL 7.9. 
        Build 2.1.7 – November 28, 2023
      Item Number Description
      PM-149

      Resolved issue with Atop command line tool causing high CPU utilization in Baldur. Resolution enables reduction of CPU utilization to 3% or less. 
      NAT-25

      Added custom Go compiler to both the cpp-build and jenkins-agent containers to enable ESXi functionality.
      PM-150

      Baldur logs were edited for cleaner and clearer results. 
      PM-151

      Enhanced Precision ‘slim’ mode with additional options so operation is finer grained. 
        Build 2.1.6 – November 27, 2023
      Item Number Description
      Zero-1300

      This change adds the ability to install ZeroLock agent without dependencies when SELinux is disabled on the system. 

      The new option works with the Download installers: Self-Extracting and TAR.   

      ::: Vali Cyber ZeroLock Endpoint Software Installer (2.1.6) ::: 

          Usage: ./installer [-h] [-n] [-v] [-x] [-p] [-a] 

      Options: 

      -h  Print this help message and exit. 

      -n  Perform a dry run, where no installation or changes are made. Useful for testing and debugging. 

      -v        Output more information during installation. Useful for debugging and troubleshooting. 

      -x  Perform troubleshooting steps for diagnosing problems. 

      -p  Update the apparmor or selinux security profile or policy if additional permissions are required. 

      -a  Perform airgapped installation. 

      -d  Perform default package installation. Requires SELinux to be disabled. 

       

       

      Build 2.1.5 – November 22, 2023

      Item Number 

      Description  

      PM-148 

      Agent Slim Mode - This change introduces a new feature called “Slim Mode” which is enabled on the default Configuration Profile.   

      If slim mode is enabled, then the agent only monitors SSH processes and their children. If slim mode is disabled, the agent begins monitoring all networked processes, systemd, cron, and containerd within 120 seconds (about 2 minutes).   

      A settings section for enabling or disabling slim mode has been added to Configuration Profile homepage. 

      This new feature is only available for Zerolock Agent 2.1.5 or greater. 

       

      For more information, see the Vali Cyber Support Page