Dell Endpoint Security Suite Enterprise Technical Advisories v3.9

Advanced Threat Prevention v1.5

• To block all PowerShell scripts with Advanced Threat Prevention, both the PowerShell and PowerShell Console policies must be set to Block in the Dell Server Remote Management Console. When both policies are set to Block, no scripts can be run, either through the PowerShell console or the Cmd console. This ensures that PowerShell one-line scripts are not vulnerable to execution. To allow approved scripts to run through the Cmd console, select the Enable Approve Scripts in Folders (and Subfolders) policy, and add the approved scripts to the Approve Scripts in Folders (and Subfolders) policy.

  NOTE:The PowerShell Console policy applies to PowerShell v3 and later. Windows 7 includes PowerShell v2, by default. To upgrade to PowerShell v3 on Windows 7, see www.microsoft.com/en-us/download/details.aspx?id=34595.

  [CYL-619]

• After Auto-Update to v2.0.1441, the Advanced Threat Prevention tile may no longer display in the Dell Data Security Console. To work around this issue, run the following command:

  MSIEXEC.EXE /I "ATP_CSF_Plugins_x64.msi" APPFOLDER="C:\Program Files\Dell\Dell Data Protection\Advanced Threat Protection\Plugins" /l*v "C:\ProgramData\Dell\Dell Data Protection\Installer Logs\ATP_CSF_Plugins_x64.msi.log"

  The .msi file can be found in the following folder, extracted from the installation package: \Advanced Threat Prevention\WinXXr\

  If the issue persists, contact ProSupport. [CYL-626]

• Windows 10 Creators Update is not yet supported with the optional Web Protection and Firewall features.

Technical Advisories - Auto-Updates

For information about periodic Advanced Threat Prevention updates for enterprises enrolled for Agent Auto Update on the Dell Server, see http://www.dell.com/support/article/us/en/19/SLN305419/dell-data-protection-endpoint-security-suite-enterprise-and-dell-data-protection-threat-defense-release-notes?lang=EN. Select the Saas Updates tab.

For instructions on how to enroll for Agent Auto Update on the Dell Server, refer to AdminHelp, accessible from the Remote Management Console.

Encryption Client v8.15

• Encryption is not supported on servers that are part of distributed file systems (DFS). [DDPC-6130]
• If the CmgHiber.sys or CmgHiber.dat file is missing from C:\windows\system32\drivers on a computer that hibernates, the computer will not resume. Ensure that disk cleaner and optimization tools do not delete these files. [DDPC-6211]
• When removable media is connected to a computer running Windows 7, 8, or 8.1 with the Subclass Storage: External Drive Control policy set to Blocked, the device name is not included in the access-blocked message or in the Local Management Console. [DDPC-6503]
• Encrypted user and common data on a computer with an HCA card is unrecoverable if the user clears HCA ownership, even though the computer is not HCA-encrypted, because the user and common keys are wrapped in the GPE (HCA) key. [DDPC-6505, DDPC-6535]

Advanced Authentication v8.15

• SSL is no longer supported. TLS 1.0, 1.1, or 1.2 should be used rather than SSL.

Preboot Authentication v8.15

• A few keys on a Brazilian Portuguese keyboard behave differently than expected on the Dell Precision M4800 running in UEFI mode. [DDPC-5975]
• A delay in display of the PBA login screen has been observed on the following Dell computers: Optiplex 5055, Precision 5820T, Precision 7820T, and Precision 7920T. [DDPC-6375]
• Recovery of a SanDisk X300 drive with the Recovery All bundle succeeds but may require up to two minutes to complete. [DDPC-6389]
• SSL is no longer supported. TLS 1.0, 1.1, or 1.2 should be used rather than SSL.

SED Client v8.15

• SSL is no longer supported. TLS 1.0, 1.1, or 1.2 should be used rather than SSL.

BitLocker Manager v8.15

• The Local Management Console does not report status of a drive that is both Dell-encrypted and BitLocker-encrypted when the drive is locked. [DDPC-6329]
• SSL is no longer supported. TLS 1.0, 1.1, or 1.2 should be used rather than SSL.