SES Evolution 2.4.4 fixes

Warning

WARNING
Before updating your solution from a version 2.3.x to version 2.4.4, you must download and deploy the 2304a security policy. To download it, go to your MyStormshield client area or to the Stormshield Updates panel in your administration console.

Administration console

File access control rules

After the latest versions of Windows 10 and 11 were installed, read and write file access rules were not applied when files were copied.

This issue appeared with the following Windows updates:

  • Windows 10 20H2 build 19042.2788, KB5023773 (21/03/2023)

  • Windows 10 21H2 build 19044.3086, KB5027215 (13/06/2023)

  • Windows 10 22H2 build 19045.2913, KB5025297 (25/04/2023)

  • Windows 11 21H2 build 22000.1761, KB5023774 (28/03/2023)

  • Windows 11 22H2 build 22621.1105, KB5022303 (10/01/2023)

The issue has since been fixed, except for a limitation on network shares, described in the section Explanations on usage.

Export incidents

Support reference: 207668CW

The export path selection window now appears immediately after clicking on the Export incidents menu.

Agent logs display

In the Agent logs panel, the rule description is now correctly displayed in logs regarding security rules.

Deleting IoC or Yara resources

IoC or Yara resources that are linked to an already deleted agent can now be deleted.

IoC search logs

The log settings specified when an IoC scan task is created are now correctly applied.

Helpdesk role

Users with the Helpdesk role can now open the administration console and change its language.

SES Evolution agent

Windows event forwarding

Support reference: 209227CW

In the administration console, SES Evolution agents now systematically report all items detected by Windows event forwarding rules.

DNS request processing

Support reference: 208562CW

In some rare cases, the agent would wrongly interpret DNS requests sent by applications. This would cause the applications in question to malfunction. This issue has been fixed.

Backoffice components

Collecting data from databases

Support reference: 208562CW

The task of collecting diagnostic data in databases no longer fails when an SES Evolution update is run at the same time, or if it is not complete.

Sending agent logs to a Syslog server

The brief description of agent logs, which appears in the administration console, is now forwarded to Syslog servers in JSON format.