Bitdefender Endpoint Security Tools for Mac
This section contains the release notes for Bitdefender Endpoint Security Tools (BEST) for Mac (previously known as Endpoint Security for Mac). For the Bitdefender Endpoint Security Tools for Mac user's guide, go to this section.
Version 7.18.48.200039
Release date:
Fast ring: 2024.12.09
Slow ring: 2024.12.10
Resolved issues
MDR
Fixed an internal issue that affected telemetry data submission.
Product
Fixed an issue that caused endpoints running product version 7.18.48.200037 to lose internet connectivity.
Version 7.18.48.200037
Release date:
Fast ring: 2024.12.02
Slow ring: -
New features and improvements
Product
Internal improvements related to policy assignment rules.
Resolved issues
Network Protection
Fixed an issue that prevented access to www.threatlocker.com
Product
Fixed an issue with CleanMyMac app that interfered with the product.
Patch Management
Resolved an issue where the Patch Management module was enabled in the product, but in GravityZone it was reported as disabled.
Version 7.17.47.200034
Release date:
Fast ring: 2024.10.21
Slow ring: 2024.10.22
New features and improvements
Antimalware
Added new localized UI texts for the Quarantine section.
Version 7.17.47.200033
Release date:
Fast ring: 2024.10.09
Slow ring: 2024.10.14
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Antimalware
Optimized the antimalware scanning mechanism to minimize system boot delays when scheduled scans are missed.
Added support for the Rescan quarantine after malware security content updates option available in the GravityZone console.
Added support for the Allow users to take actions on local quarantine option available in the GravityZone console.
New interface messages now indicate whether file restoration from local quarantine was initiated by the GravityZone administrator, the local user, or Bitdefender.
Resolved issues
Product
Fixed an issue that caused Mac users to be repeatedly prompted to approve previously allowed system extensions after agent deployment via the Jamf platform.
Network Protection
Fixed an issue that interfered with AirDrop functionality when Network Protection was enabled.
Device Control
Addressed an issue where Bluetooth device names were missing on Threats Xplorer > Device Control activity section of the GravityZone console.
Version 7.17.46.200026
Release date:
Fast ring: 2024.09.06
Slow ring: 2024.09.06
Resolved issues
GUI
Fixed an issue where the GUI became unresponsive after clicking the BDLDaemon.app link to allow Full Disk Access.
Product
Fixed an incompatibility issue between Cisco Secure Client and Bitdefender DCI extension in macOS 15 Sequoia.
Version 7.17.46.200025
Release date:
Fast ring: 2024.09.03
Slow ring: 2024.09.04
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Added support for macOS 15 Sequoia.
Version 7.17.45.200018
Release date:
Fast ring: 2024.08.26
Slow ring: 2024.08.27
Important
This version also includes, on slow ring, the improvements and fixes delivered BEST version 7.17.45.200016 released on fast ring.
Resolved issues
Product
Fixed an issue where, in some cases, websites were inaccessible when the Bitdefender DCI network extension was enabled.
Fixed an issue with the Bitdefender DCI network extension that was causing high CPU usage.
Version 7.17.45.200016
Release date:
Fast ring: 2024.08.23
Slow ring: -
Resolved issues
Product
Fixed an issue with the Bitdefender DCI network extension that was causing high CPU usage.
Version 7.17.45.200015
Release date:
Fast ring: 2024.08.13
Slow ring: 2024.08.19
Resolved issues
Network Protection
Users can now access FTP servers on macOS Sonoma systems when the Network Protection module is enabled.
Version 7.17.45.200012
Release date:
Fast ring: 2024.07.23
Slow ring: 2024.07.25
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
On-demand scan tasks no longer run twice at their scheduled time.
Product
All module names are now displayed correctly when the security agent's language is switched to Vietnamese.
Version 7.16.44.200006
Release date:
Fast ring: 2024.07.08
Slow ring: 2024.07.09
Resolved issues
Antimalware
In certain situations, Antimalware exclusions were not applied. This issue has been fixed.
Version 7.16.44.200005
Release date:
Fast ring: 2024.06.12
Slow ring: 2024.06.12
Resolved issues
Antimalware
The progress bar did not show up in the GUI when performing a custom scan.
Version 7.16.44.200004
Release date:
Fast ring: 2024.06.05
Slow ring: 2024.06.10
New features and improvements
Patch Management
The product now requires users to restart applications that cannot be patched while running.
Note
Applications running under root user cannot be restarted after the patches are installed.
Endpoint users can postpone app restart for 24 hours. After that, the task fails with a “timeout” status.
The Patch Management module bypasses silent mode in GravityZone. Even if notifications are disabled in the GravityZone console, the product will still prompt users to restart their apps if needed.
Antimalware
Added support for On-access options Scan local files and Scan network files.
Note
The product scans all files, even when the Applications only and User defined extensions options are selected.
Network Protection
Optimized the Traffic Scan mechanism to prevent occasional high CPU usage when the Content Control module was using wildcards.
eXtended Detection and Response
Improved the mechanism for sending raw and EDR events.
Resolved issues
Antimalware
The Custom Scan task on
/Users
folder remained in progress instead of failing if Full Disk Access was not approved.
eXtended Detection and Response
Fixed an issue that caused the Blocklist feature to stop functioning after a system reboot.
Network Protection
An incompatibility issue with CyberEdge traffic inspection caused temporary loss of network connectivity.
Product
The product could not access Cloud Services when DNS server was not configured, and the relay was used as a proxy.
The Save button in the encryption windows was not translated in German and Romanian.
Version 7.16.42.200021
Release date:
Fast ring: 2024.04.09
Slow ring: 2024.04.09
Resolved issues
Antimalware
In a corner-case scenario, the product could experience difficulties in operation, displaying the message: “The Antimalware module is disabled.”
Version 7.16.42.200020
Release date:
Fast ring: 2024.04.05
Slow ring: 2024.04.05
Resolved issues
Product
Updating to version 7.16.42.200017 has resulted in some cases in failing to get the real status of Full Disk Access for the
EndpointSecurityforMac
process.
Important
Starting with this version, the agent no longer requires Full Disk Access for the EndpointSecurityforMac
process.
Version 7.16.42.200017
Release date:
Fast ring: 2024.04.02
Slow ring: 2024.04.02
Resolved issues
Product
In some cases, the product GUI became unresponsive after allowing Full Disk Access for the
BDLDaemon
process.
Version 7.16.42.200016
Release date:
Fast ring: 2024.03.27
Slow ring: 2024.04.01
New features and improvements
YARA detection rules
Added support for YARA detection rules.
Network Protection
Added support for multiple Web Access Control schedules.
Patch Management
The message informing about installing OS updates now specifies that you must provide local administrator credentials.
Product
The security agent now displays a relevant message when it could not establish a connection to the GravityZone console.
Resolved issues
Product
In some cases, the security agent did not display the correct status on the Overview page for features such as Antiphishing and Traffic Scan.
Version 7.16.40.200003
Release date:
Fast ring: 2024.01.25
Slow ring: 2024.01.29
New features and improvements
Quarantine
Added support for upcoming features available with GravityZone.
Version 7.16.40.200001
Release date:
Fast ring: 2024.01.18
Slow ring: 2024.01.18
Removed support
Product
The product no longer supports macOS Mojave (10.14) and Catalina (10.15). We recommend upgrading the endpoints to the latest macOS version. Learn more.
Version 7.14.38.200062
Release date:
Fast ring: 2024.01.15
Slow ring: 2024.01.15
New features and improvements
GUI
When opening the main window, the security agent now displays all issues expanded.
Resolved issues
GUI
Fixed some minor Japanese translation issues.
Version 7.14.38.200061
Release date:
Fast ring: 2023.12.18
Slow ring: 2023.12.18
New features and improvements
Product
This version accommodates Bitdefender Endpoint Security Tools for the end of life for macOS Mojave (10.14) and Catalina (10.15). Learn more.
Version 7.14.38.200060
Release date:
Fast ring: 2023.12.11
Slow ring: 2023.12.11
Resolved issues
Network Protection
The product blocked or slowed down the upload to platforms such as app.frame.io, wetransfer.com, fromsmash.com and aws.amazon.com.
Product
The graphical user interface became sometimes unresponsive due to an issue with the
EndpointSecurityforMac
process.
Version 7.14.36.200054
Release date:
Fast ring: 2023.11.27
Slow ring: 2023.11.27
Resolved issues
Antimalware
The product caused high memory usage when accessing a large number of files.
Version 7.14.36.200053
Release date:
Fast ring: 2023.11.23
Slow ring: 2023.11.23
Resolved issues
Patch Management
Some localized texts were not correctly displayed in the GUI.
Version 7.14.36.200051
Release date:
Fast ring: 2023.11.20
Slow ring: 2023.11.20
New features and improvements
Product
Added support for upcoming features available with the next GravityZone Cloud release. Learn more.
Version 7.14.36.200047
Release date:
Fast ring: 2023.11.16
Slow ring: 2023.11.17
New features and improvements
Product
Added support for upcoming features available with the next GravityZone Cloud release. Learn more.
Version 7.14.36.200045
Release date:
Fast ring: 2023.11.14
Slow ring: 2023.11.14
New features and improvements
Product
Added support for upcoming features available with the next GravityZone Cloud release. Learn more.
Network Protection
The product is now compatible with Digital Guardian Web Inspection Proxy.
Version 7.14.34.200043
Release date:
Fast ring: 2023.11.09
Slow ring: 2023.11.10
Resolved issues
Network Protection
In some cases, the Network Protection module caused slowdowns when trying to upload or download files from the internet.
Version 7.14.34.200037
Release date:
Fast ring: 2023.11.01
Slow ring: 2023.11.02
Important
This version also includes on slow ring the improvements and fixes delivered with the previous version 7.14.34.200036 released on fast ring.
Resolved issues
Product
An internal issue caused the BDLDaemon component to stop functioning.
Antimalware
Fixed an issue that caused slow performance when scanning applications during installation.
Version 7.14.34.200036
Release date:
Fast ring: 2023.10.31
Slow ring: -
Resolved issues
Antimalware
Fixed an issue that caused slow performance when scanning applications during installation.
Version 7.14.34.200035
Release date:
Fast ring: 2023.10.19
Slow ring: 2023.10.23
Resolved issues
Network Protection
When enabled in Google Chrome and Mozilla Firefox, the Encrypted ClientHello (ECH) protocol prevented content filtering and traffic scanning.
Version 7.14.34.200034
Release date:
Fast ring: 2023.10.12
Slow ring: 2023.10.12
Important
This version also includes on slow ring the improvements and fixes delivered with the previous versions 7.14.34.200030 and 7.14.34.200032, released on fast ring.
Resolved issues
Product
Bitdefender DCI extension could not be installed if the endpoint user was not logged in.
In some cases, Bitdefender DCI extension caused high memory usage after product update.
In some cases, Bitdefender DCI extension could not update at the same time as the product.
Version 7.14.34.200032
Release date:
Fast ring: 2023.10.11
Slow ring: -
Resolved issues
Product
In some cases, Bitdefender DCI extension could not update at the same time as the product.
Version 7.14.34.200030
Release date:
Fast ring: 2023.10.10
Slow ring: -
Resolved issues
Product
In some cases, Bitdefender DCI extension caused high memory usage after product update.
Version 7.14.34.200029
Release date:
Fast ring: 2023.10.03
Slow ring: 2023.10.03
Important
This version also includes on slow ring the improvements and fixes delivered with the previous versions 7.14.34.200027 and 7.14.34.200028, released on fast ring.
Resolved issues
Network inventory
In some cases, after moving the endpoint, the product did not correctly report the new company ID.
Product
The product did not display the system reboot window required in situations where, after an update, the Bitdefender DCI extension did not work properly.
Fixed some issues with Bitdefender DCI extension such as:
Intermittent loss of internet connection on endpoints.
Endless browser loading when trying to log in to websites.
Localization
Module names were incorrectly localized into Simplified Chinese.
In some languages, the message displayed for blocked webpages was not completely localized.
Version 7.14.34.200028
Release date:
Fast ring: 2023.09.28
Slow ring: -
Resolved issues
Product
The product did not display the system reboot window required in situations where, after an update, the Bitdefender DCI extension did not work properly.
Version 7.14.34.200027
Release date:
Fast ring: 2023.09.26
Slow ring: -
Resolved issues
Product
Fixed some issues with Bitdefender DCI extension such as:
Intermittent loss of internet connection on endpoints.
Endless browser loading when trying to log in to websites.
Localization
Module names were incorrectly localized into Simplified Chinese.
In some languages, the message displayed for blocked webpages was not completely localized.
Version 7.14.32.200024
Release date:
Fast ring: 2023.09.14
Slow ring: 2023.09.14
New features and improvements
Full Disk Encryption
Added encryption support for macOS Sonoma (version 14).
Version 7.14.32.200019
Release date:
Fast ring: 2023.09.07
Slow ring: 2023.09.07
Resolved issues
Product
The product incorrectly reported finished Reconfigure agent tasks as still in progress to the GravityZone console.
Version 7.14.32.200017
Release date:
Fast ring: 2023.09.04
Slow ring: 2023.09.05
Important
This version also includes on slow ring the improvements and fixes delivered with Bitdefender Endpoint Security Tools version 7.14.32.200015, released on fast ring.
Resolved issues
Antimalware
In some scenarios, On-Access scanning affected the operation of other product modules.
Product
Security fixes.
Graphical User Interface
In some situations, the product update progress bar did not accurately show the download status.
Version 7.14.32.200015
Release date:
Fast ring: 2023.08.29
Slow ring: -
Resolved issues
Product
Security fixes.
Graphical User Interface
In some situations, the product update progress bar did not accurately show the download status.
Version 7.14.32.200012
Release date:
Fast ring: 2023.08.17
Slow ring: 2023.08.17
Resolved issues
Antimalware
In some cases, the On-Access feature caused the system start to last longer than usual.
Version 7.14.32.200011
Release date:
Fast ring: 2023.08.09
Slow ring: 2023.08.09
Resolved issues
Product
Fixed an issue that caused macOS users, in certain instances, to experience system deceleration and/or temporary unresponsiveness for 5 to 10 minutes after the login process.
Version 7.14.32.200005
Release date:
Fast ring: 2023.08.01
Slow ring: 2023.08.01
New features and improvements
Graphical User Interface
The local console now displays error messages whenever actions taken by users to fix issues are unsuccessful.
EDR
The security agent has been enhanced to include support for EDR custom rules.
Version 7.14.30.200033
Release date:
Fast ring: 2023.07.18
Slow ring: 2023.07.20
New features and improvements
Product
Security improvements.
Version 7.14.30.200032
Release date:
Fast ring: 2023.06.13
Slow ring: 2023.06.14
Note
This version includes all the improvements and fixes delivered with the previous version 7.14.30.200027 released on fast ring.
New features and improvements
Network Protection
Added support for the Warn action with the Content Control module.
Resolved issues
Product
The SSL certificate generated when deploying the BEST through Kandji was not recognized as valid.
Fixed the issue where macOS endpoints reported three different values for
HostName
,LocalHostname
andComputerName
in GravityZone.Fixed an internal issue that caused the BDLDaemon component to crash.
Remote Shell
The Remote Shell session unexpectedly stopped when creating the archive on the endpoint failed.
Version 7.14.30.200027
Release date:
Fast ring: 2023.06.06
Slow ring: -
New features and improvements
Network Protection
Added support for the Warn action with the Content Control module.
Resolved issues
Product
The SSL certificate generated when deploying the BEST through Kandji was not recognized as valid.
Fixed the issue where macOS endpoints reported three different values for
HostName
,LocalHostname
andComputerName
in GravityZone.
Remote Shell
The Remote Shell session unexpectedly stopped when creating the archive on the endpoint failed.
Version 7.14.28.200021
Release date:
Fast ring: 2023.05.22
Slow ring: 2023.05.23
Resolved issues
eXtended Detection and Response (XDR)
Collecting investigation packages was failing with connection error.
Version 7.14.28.200016
Release date:
Fast ring: 2023.05.09
Slow ring: 2023.05.10
New features and improvements
Product
Added support for upcoming features available with the next GravityZone release.
Version 7.14.28.200015
Release date:
Fast ring: 2023.05.02
Slow ring: 2023.05.03
Note
This version includes all the improvements and fixes delivered with the previous versions 7.14.28.200013 and 7.14.28.200014 released on fast ring.
New features and improvements
Product
Added support for upcoming features available with the next GravityZone release.
Resolved issues
Product
Fixed certain issues with internal files that caused the product to crash.
In some cases, the uninstaller app could not be opened.
Graphical User Interface
The progress bar displayed an incorrect number of scanned files and incorrect percentage of completion when scanning excluded folders.
Action buttons to allow full disk access, DCI extension, and update signatures were not localized.
Addressed several minor issues such as:
Texts were not localized or incorrectly displayed in some languages.
Buttons and controls did not function as expected in certain scenarios.
Information in the About window was not dynamically updated.
In some cases, the main window showed up after each system reboot or login.
Antimalware
Exclusions did not work when they included special characters.
Version 7.14.28.200014
Release date:
Fast ring: 2023.04.20
Slow ring: -
Resolved issues
Product
Fixed certain issues with internal files that caused the product to crash.
Graphical User Interface
Action buttons to allow full disk access, DCI extension, and update signatures were not localized.
Version 7.14.28.200013
Release date:
Fast ring: 2023.04.18
Slow rings: -
New features and improvements
Product
Added support for upcoming features available with the next GravityZone releases.
Resolved issues
Graphical User Interface
Addressed several minor issues such as:
Texts were not localized or incorrectly displayed in some languages.
Buttons and controls did not function as expected in certain scenarios.
Information in the About window was not dynamically updated.
In some cases, the main window showed up after each system reboot or login.
Antimalware
Exclusions did not work when they included special characters.
Product
In some cases, the uninstaller app could not be opened.
Version 7.14.26.200010
Release date:
Fast ring: 2023.03.15
Slow ring: 2023.03.15
Resolved issues
Deployment
Setup Downloader failed with error -1004 instead of downloading and installing the endpoint package.
Version 7.14.26.200009
Release date:
Fast ring: 2023.03.08
Slow ring: 2023.03.09
Important
This version includes all changes delivered with the previous version 7.14.26.200008 released on fast ring. These refer to the new name, new user interface, and removed support for macOS Sierra (10.12) and High Sierra (10.13).
Resolved issues
Network Attack Defense
The product returned errors when running AWS CLI commands on endpoints with the Network Attack Defense module installed.
Update
The product did not report the correct update attempt in the Protection tab of the endpoint details in the GravityZone console, unless an update actually occurred.
Version 7.14.26.200008
Release date:
Fast ring: 2023.02.27
Slow ring: -
New features and improvements
New identity
The security agent has a new name: Bitdefender Endpoint Security Tools. With the new name also comes a new graphical interface for an improved user experience. These are some of the highlights:
Revised main window.
New menus.
New scan and update flows.
Transparency.
Light and dark modes.
Apart from all the changes, some essential procedures remain the same: install, encrypt, uninstall.
For details, refer to the Bitdefender Endpoint Security Tools for Mac User's Guide.
Removed support
Product
The agent no longer supports macOS Sierra (10.12) and High Sierra (10.13).
Version 7.12.24.200022
This is the last public version named Endpoint Security for Mac.
Release date:
Fast ring: 2023.01.18
Slow ring: 2023.01.19
Resolved issues
Product
Security fixes.
Version 7.12.24.200021
Release date:
Fast ring: 2023.01.11
Slow ring: 2023.01.11
Note
This version includes all the improvements and fixes delivered with the previous versions 7.12.20.200018 and 7.12.24.200020 released on fast ring.
Resolved issues
Product
Addressed an issue that caused the Bitdefender Endpoint Security Tools agent to crash in some cases.
Version 7.12.24.200020
Release date:
Fast ring: 2023.01.09
Slow ring: -
New features and improvements
Product
Internal product improvements.
Version 7.12.24.200018
Release date:
Fast ring: 2022.12.19
Slow ring: -
New features and improvements
Product
Internal improvements to the update scheduler and product reconfiguration through GravityZone task.
Version 7.12.22.200016
Release date:
Fast ring: 2022.11.24
Slow ring: 2022.11.25
Resolved issues
Policies
In some cases, GravityZone applied the security policy to the endpoint every minute when the assignment rules were active.
Version 7.12.22.200015
Release date:
Fast ring: 2022.11.21
Slow ring: 2022.11.23
Resolved issues
Policies
In some cases, GravityZone did not apply the policies correctly when having multiple assignment rules configured.
Version 7.12.22.200014
Release date:
Fast ring: 2022.11.17
Slow ring: 2022.11.18
New features and improvements
XDR/EDR
Bitdefender Endpoint Security Tools now sends to the GravityZone console the same EDR raw events as for the SIEM platforms.
Version 7.12.20.200012
Release date:
Fast ring: 2022.11.11
Slow ring: 2022.11.15
Note
This version includes all the improvements and fixes delivered with the previous version 7.12.20.200005 released on fast ring.
Resolved issues
In macOS 13 Ventura, Bitdefender Endpoint Security Tools services now appear in Login Items as from Bitdefender SRL.
Version 7.12.20.200005
Release date:
Fast ring: 2022.11.02
Slow ring: -
New features and improvements
Product
Added support for Japanese language in the product GUI.
Resolved issues
EDR/XDR
The BDLDaemon component caused high memory usage due to an issue with EDR Sensor.
Version 7.10.18.200041
Release date:
Fast version: 2022.09.28
Slow version: 2022.09.29
Note
This version includes all the improvements and fixes delivered with the previous versions 7.10.18.200038 and 7.10.18.200039 released on fast ring.
Resolved issues
Product
The Finder window crashed when trying to select a location for restoring quarantined items.
Version 7.10.18.200039
Release date:
Fast ring: 2022.09.23
Slow ring: -
Resolved issues
Product
SIEM platforms could not display GravityZone events due to incomplete data sent by Bitdefender Endpoint Security Tools from endpoints with Apple CPUs.
Version 7.10.18.200038
Release date:
Fast ring: 2022.09.21
Slow ring: -
New features and improvements
Product
Added support for upcoming features delivered with the next major GravityZone update.
Improved the installation mechanism for PKG files.
Antimalware
Improvements for on-demand scanning.
Added support in the product interface for restoring files from quarantine to a custom location.
Resolved issues
Product
Product installation through Setup Downloader was failing with error -1004 when using direct connection to GravityZone Cloud.
In some cases, the product displayed the status “Never” or “Threat information is outdated” after successful updates.
The product was displaying the debug log for Endpoint Patch in Terminal.
In some cases, the progress bar was not reflecting correctly the update status.
Content Control
An internal issue was preventing the Content Control module from blocking the www.dropbox.com website.
Version 7.8.17.200030
Release date:
Fast ring: 2022.09.06
Slow ring: 2022.09.07
Resolved issues
Managed Detection and Response (Bitdefender MDR)
SIEM platforms like Splunk and Sumo Logic could not display Bitdefender MDR events due to incomplete data sent by Bitdefender Endpoint Security Tools in such scenarios.
Deployment
An internal configuration issue caused the Reconfigure Client task to remain “in progress” in the GravityZone console, although the installation completed successfully.
Version 7.8.17.200028
Release date:
Fast ring: 2022.08.29
Slow ring: 2022.08.30
Resolved issues
Device Control
The Device Control module was failing to detect and block SD cards in some scenarios.
Product
The product was indicating the security telemetry status as “broken” when used in GravityZone integrations with SIEM platforms.
Fixed an issue that was causing product installation through Setup Downloader to fail with error -1004.
Version 7.8.16.200026
Release date:
Fast ring: 2022.08.10
Slow ring: 2022.08.11
New features and improvements
Product
Improved scanning performance.
Resolved issues
Threats Xplorer
Malware detections generated two entries instead of one for each event reported to the GravityZone console.
Product
Fixed some issues that caused occasional service crashes.
Version 7.6.14.200022
Release date:
Fast ring: 2022.06.30
Slow ring: 2022.07.01
Resolved issues
Product
The BDLDaemon component was causing high memory usage after update to version 7.6.14.200021.
Version 7.6.14.200021
Release date:
Fast ring: 2022.06.20
Slow ring: 2022.06.21
Note
This version also includes on slow ring the improvements and fixes delivered with previous versions of Bitdefender Endpoint Security Tools released on fast ring.
Resolved issues
Product
Bitdefender Endpoint Security Tools was indicating an incorrect product version due to a configuration issue.
Version 7.6.14.200020
Release date:
Fast ring: 2022.06.16
Slow ring: -
Resolved issues
Network Protection
The product was crashing when using exclusions with an incorrect wildcard format.
Version 7.6.14.200019
Release date:
Fast ring: 2022.06.09
Slow ring: -
New features and improvements
Product
The endpoints now have the ability to send raw events to any SIEM or third-party software capable of listening to HTTPS and parsing JSON formatted events.
Improved the update mechanism.
Resolved issues
Product
Fixed an issue that affected large file uploads.
Version 7.6.12.200011
Release date:
Fast ring: 2022.05.17
Slow ring: 2022.05.17
Note
This update is available only to a limited number of endpoints on fast ring.
Resolved issues
The GravityZone policy was applying in some cases on the endpoints only after restarting Bitdefender services.
Version 7.6.12.200010
Fast ring: 2022.05.11
Slow ring: -
Note
This update is available only to a limited number of endpoints on fast ring.
Resolved issues
Product
The product was displaying issues in the GUI even after approving Full Disk Access on macOS Mojave (10.14) and Catalina (10.15).
The GravityZone console was listing the product as outdated after installing the latest version 7.6.12.200009.
Version 7.4.10.200022
Release date:
Fast ring: 2022.04.19
Slow ring: 2022.04.20
Resolved issues
eXtended Detection and Response (XDR)
Product update was failing due to an issue with EDR Sensor (error code: -1986).
Version 7.6.12.200009
Release date:
Fast ring: 2022.04.18
Slow ring: -
Note
This update is available only to a limited number of endpoints on fast ring.
New features and improvements
Network Attack Defense
We enhanced the product performance by introducing certain limitations to the filtering capability of Network Attack Defense. For details, refer to the Known issues and limitations section of the 7.6.12.200007 version.
Version 7.6.12.200007
Release date:
Fast ring: 2022.04.13
Slow ring: -
Note
This update is available only to a limited number of endpoints on fast ring, through migration from 7.4.10.200020. Subsequent releases will reach the rest of the endpoints over time.
New features and improvements
Antimalware
On-Access scan engine benefits from a new exclusion technology.
Network Protection
Network Attack Defense is now available on macOS endpoints, too.
To include Network Attack Defense, existing installations of Bitdefender Endpoint Security Tools require Reconfigure Client task and policy redeployment.
The Bitdefender DCI component connects automatically when it is manually disconnected or removed, to ensure unimpeded traffic scan by Content Control.
eXtended Detection and Response (XDR)
We implemented several improvements to the Investigation Package feature:
The resulting archive includes more files related to the system, users, and applications.
Increased performance for the collecting mechanism and less disk space required.
The archive contains a CSV file which lists all the operations involved in collecting the data. The CSV file is located in the root directory of the archive.
Known issues and limitations
Network Attack Defense
The module settings become active only after policy redeployment.
Network Attack Defense is filtering ports 80, 81, 443, 8080, and only the following browsers:
Google Chrome
Safari
Opera
Vivaldi
Microsoft Edge
Mozilla Firefox
curl
wget
Python
Version 7.4.10.200020
Release date:
Fast ring: 2022.04.05
Slow ring: 2022.04.06
Resolved issues
Security fixes.
Version 7.4.10.200018
Release date:
Fast ring: 2022.03.23
Slow ring: 2022.03.23
Resolved issues
Product
Fixed an internal configuration issue.
Version 7.4.10.200016
Release date:
Fast ring: 2022.03.21
Slow ring: 2022.03.21
Resolved issues
Update
The product was not applying the update scheduler settings from the GravityZone Control Center when the operating system was installed in other language than English.
Version 7.4.10.200015
Release date:
Fast ring: 2022.02.17
Slow ring: 2022.02.21
Note
This version also includes on slow ring new features, improvements and fixes initially delivered only on fast ring with version 7.4.10.200014.
New features and improvements
eXtended Detection and Response (XDR)
Added support for the Investigation Package functionality. (First delivered with version 7.4.10.200014.)
Improved support and performance for IPv6 protocol.
Product update
Added support for offline manual update. Learn more. (First delivered with version 7.4.10.200014.)
Improved the mechanism for updating security content manually.
Resolved issues
Product update
Bitdefender Endpoint Security Tools no longer performs product and security content updates hourly, but according to the GravityZone policy settings. (First delivered with version 7.4.10.200014.)
eXtended Detection and Response (XDR)
The product failed to collect certain system files when using the Investigation Package task.
Localization
The product displayed Korean characters in scan paths as unsupported.
Version 7.4.10.200014
Release date:
Fast ring: 2022.02.14
Slow ring: -
New features and improvements
eXtended Detection and Response (XDR)
Added support for the Investigation Package functionality.
Product update
Added support for offline manual update. Learn more.
Resolved issues
Product update
Bitdefender Endpoint Security Tools no longer performs product and security content updates hourly, but according to the GravityZone policy settings.
Version 7.4.8.200010
Release date:
Fast ring: 2022.01.27
Slow ring: 2022.01.27
Resolved issues
An incompatibility issue with product version 7.4.8.200007 caused errors while playing audio files in Pro Tools 2021.
Version 7.4.8.200008
Release date:
Fast ring: 2022.01.13
Slow ring: 2022.01.14
Resolved issues
The security agent could not apply policy settings containing special characters (e.g. ö). This resulted in high CPU, memory, and disk space usage on endpoint.
On macOS Mojave (10.14) and older, the security agent created unwanted files in the root directory during installation.
In some cases, the agent indicated functionality issues, even though full disk access had been enabled for Bitdefender Endpoint Security Tools and BDLDaemon applications.
Version 7.4.8.200007
Release date:
Fast ring: 2021.12.15
Slow ring: 2021.12.15
Note
This version includes new features, improvements and fixes previously delivered with version 7.4.8.200006 on fast ring.
New features and improvements
Added support for auto-approval of Bitdefender system extensions, traffic proxy and full disk access in macOS Monterey.
Added a notification in the product interface informing you when DCI proxy profile has been manually disconnected.
The product interface is now available in Turkish and Vietnamese languages.
Added support for silent installation using Setup Downloader.
Added support for product installation using Setup Downloader in Jamf Pro. The updated procedure is available with the new Bitdefender Endpoint Security Tools kits once they are released on slow ring.
Note
With this version, a new procedure for deploying the SSL certificate through Jamf Pro is available. Read more.
Resolved issues
The Device Control module blocked USB Ethernet devices. These devices are now mapped under the Network Adapter category.
The product interface indicated the last update time as "never" despite finishing successfully.
The cursor was active in the Change recovery key window only when the main product window was active as well.
Addressed various localization issues in the product interface.
Version 7.2.6.200022
Release date:
Fast ring: 2021.12.15
Slow ring: 2021.12.15
New features and improvements
This update enables migration to the latest version 7.4.8.200007.
Version 7.4.8.200006
Release date:
Fast ring: 2021.12.09
Slow ring: -
New features and improvements
Added support for auto-approval of Bitdefender system extensions, traffic proxy and full disk access in macOS Monterey.
Added a notification in the product interface informing you when DCI proxy profile has been manually disconnected.
The product interface is now available in Turkish and Vietnamese languages.
Note
With this version, a new procedure for deploying the SSL certificate through Jamf Pro is available. Read more.
Resolved issues
The Device Control module blocked USB Ethernet devices. These devices are now mapped under the Network Adapter category.
The product interface indicated the last update time as "never" despite finishing successfully.
The cursor was active in the Change recovery key window only when the main product window was active as well.
Addressed various localization issues in the product interface.
Version 7.2.6.200021
Release date:
Fast ring: 2021.12.09
Slow ring: -
New features and improvements
This update enables migration to the new product version 7.4.8.200006.
Version 7.2.6.200020
Release date:
Fast ring: 2021.10.14
Slow ring: 2021.10.18
New features and improvements
Product
Added support for macOS Monterey (version 12).
Added support for the new features delivered with the upcoming release of GravityZone.
Resolved issues
Product
Endpoints did not display correct host names when connected to VPN.
The product failed to delete old files after updating signatures, causing disk space consumption.
Version 7.2.4.200013
Release date:
Fast ring: 2021.08.16
Slow ring: 2021.08.23
New features and improvements
Product
Added support for sending to the GravityZone Control Center information regarding the user’s login sessions, such as:
If the login session is active
The last login time
The last login method
Content Control
Added support for scanning web traffic from Microsoft Edge.
Resolved issues
Product
The texts displayed during the product installation have been localized into Simplified Chinese.
The Trust button for SSL certificate has been localized into Simplified Chinese.
Version 4.17.34.200184
Release date:
Fast ring: 2021.08.09
Slow ring: 2021.08.09
New features and improvements
Product
This version enables migration to Bitdefender Endpoint Security Tools version 7 for all endpoints, regardless of the update ring.
Version 7.1.2.200006
Release date:
Fast ring: 2021.07.21
Slow ring: 2021.08.09
Important
This version includes on the slow ring all the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 7.1.2.200003 and 7.1.2.200004, previously released only on the fast ring.
Resolved issues
Product
In a corner-case scenario, the product failed to load the update server settings as defined in the configuration files.
Version 7.1.2.200004
Release date:
Fast ring: 2021.07.19
Slow ring: -
Resolved issues
Product
The field indicating the last update time was missing from the product status at the first update after installation.
Version 4.17.33.200183
Release date:
Fast ring: 2021.06.30
Slow ring: 2021.06.30
Resolved Issues
Deployment
Deploying the agent by using the macOS Downloader option in the GravityZone console failed in some cases due to an internal file misconfiguration.
Version 7.1.2.200003
Release date:
Fast ring: 2021.06.28
Slow ring: -
New features and improvements
Product
This version includes a new event correlation engine, for Endpoint Detection and Response solutions (EDR/XDR). This update is silent, with no disruptions and no actions required from your side.
Version 4.17.32.200182
Release date:
Fast ring: 2021.06.28
Slow ring: 2021.06.28
New features and improvements
Product
This update makes the transition towards Bitdefender Endpoint Security Tools version 7 for existing installations. Endpoints on fast ring will migrate to version 7 in one step. Endpoints on slow ring will migrate gradually, closely monitored by Bitdefender. In all cases, the update is silent, with no disruptions and no actions required from your side.
Added support for silent uninstallation of password-protected agents, using command lines. For details, refer to this topic.
Version 4.17.26.200176
Release date:
Fast ring: 2021.05.31
Slow ring: 2021.05.31
Resolved issues
Product
Restricted access to certain product files to prevent non-privileged users from bypassing Bitdefender security settings.
Version 4.15.40.200140
Release date:
Fast ring: 2021.05.27
Slow ring: 2021.05.27
New features and improvements
Product
General availability for Bitdefender Endpoint Security Tools with universal binaries. After this update, all endpoints will be able to migrate to a product version that supports both Intel and M1 processors.
Note
Bitdefender Endpoint Security Tools with universal binaries only installs on macOS Sierra (10.12) and later.
Version 4.17.25.200175
Release date:
Fast ring: 2021.05.12
Slow ring: 2021.05.19
Important
This version also includes the improvements and fixes delivered with version 4.17.24.200174 on fast ring.
New features and improvements
Bitdefender Endpoint Security Tools changed the way it handles security certificates to improve the user experience:
Content Control. The product installs the SSL certificate only when the GravityZone security policy applied on the endpoint has the Scan SSL option enabled. In such case, after deployment on macOS Big Sur (11.x), the product requires user’s approval to install the certificate. If the certificate has been installed, but not trusted, the product requires users to trust it.
On macOS Catalina (10.15) and older versions, the product continues to install the SSL certificate without requiring users’ interaction.
EDR Sensor. The product no longer installs a separate security certificate for the Endpoint Detection and Response module.
GUI. When the SSL certificate is not installed or not trusted, and the security policy has Scan SSL enabled, the product displays a critical issue in the interface. Users are no longer prompted every three hours to allow the certificate.
Resolved issues
Content Control
Addressed an issue that prevented internet access in the following situations:
On macOS Big Sur (11.x), the SSL certificate was not approved and the Scan SSL policy option was disabled.
On macOS Catalina (10.15) and older, the Scan SSL policy option was disabled when installing the agent.
In both cases, it was necessary to enable Scan SSL in the GravityZone policy to allow internet access.
Version 4.17.24.200174
Release date:
Fast ring: 2021.05.10
Slow ring: -
New features and improvements
This update brings changes to the way Bitdefender Endpoint Security Tools handles security certificates to improve the user experience:
Content Control.The product installs the SSL certificate only when the GravityZone security policy applied on the endpoint has the Scan SSL option enabled. In such case, after deployment on macOS Big Sur (11.x), the product requires user’s approval to install the certificate. If the certificate has been installed, but not trusted, the product requires users to trust it.
On macOS Catalina (10.15) and older versions, the product continues to install the SSL certificate without requiring users’ interaction.
EDR sensor. The product no longer installs a separate security certificate for the Endpoint Detection and Response (EDR) module.
GUI. When the SSL certificate is not installed or not trusted, and the security policy has Scan SSL enabled, the product displays a critical issue in the interface. Users are no longer prompted every three hours to allow the certificate.
Version 4.17.21.200171
Release date:
Fast ring: 2021.04.21
Slow ring: 2021.04.22
Important
This version also includes the improvements and fixes delivered with version 4.17.20.200170 on fast ring.
Resolved issues
Graphical user interface
The product window slowed down when the History section contained many elements.
Clearing events in the History section only worked after a product window refresh, by switching to another section or closing and reopening the window.
The product window showed up on screen after performing an update.
Antimalware
BDLDaemonApp crash caused Quick Scan task to stop on macOS Big Sur.
Remote troubleshooting
Application services restarted at the beginning of a debug session.
Version 4.17.20.200170
Release date:
Fast ring: 2021.04.20
Slow ring: -
Resolved issues
Antimalware
BDLDaemonApp crash caused Quick Scan task to stop on macOS Big Sur.
Graphical user interface
The product window showed up on screen after performing an update.
Remote troubleshooting
Application services restarted at the beginning of a debug session.
Version 4.17.16.200166
Release date:
Fast ring: 2021.04.12
Slow ring: 2021.04.12
New features and improvements
General
Added support for Apple M1 processors, with the following protection modules:
Antimalware
Device Control
Content Control
Full Disk Encryption
Support for other features on Apple M1 will be added in time.
Note
This version of Bitdefender Endpoint Security Tools has universal binaries and runs natively on both Intel and Apple M1 architectures. In case of existing installations on systems running macOS versions older than Big Sur (11.x), you must first update them to the intermediary version 4.15.139.200139. This will enable migration to the new update location for product versions with universal binaries.
This version does not install on OS X El Capitan (10.11), following the Bitdefender announcement regarding the end of support for this operating system. We advise you to upgrade the operating system to a supported version to benefit from the latest Bitdefender protection technologies.
Resolved issues
General
Installing the macOS kit (Apple M1) on machines with M1 processors prompted endpoint users to install Rosetta as well.
The product failed to connect to Bitdefender cloud services due to an internal issue.
Graphical user interface
The application top menu was not displayed when launching Bitdefender Endpoint Security Tools from the dock.
Events sorting in the History section was not performed by date after making actions such as resizing columns.
Version 4.15.139.200139
Release date:
Fast ring: 2021.04.12
Slow ring: 2021.04.22
New features and improvements
Product
With the introduction of new macOS kits in GravityZone Control Center during the first quarter of 2021, the new Bitdefender Endpoint Security Tools installations can run natively on both Intel and Apple M1-based machines with macOS Big Sur.
For existing installations running on Intel-based machines with macOS versions before Big Sur (11.x), Bitdefender has started a migration process in two steps:
Existing installations must first update to the intermediary version 4.15.139.20019. This version changes the update location and makes possible the next step.
Existing installations can further download and install the new version 4.17.16.200166 with universal binaries, which comes with improvements and fixes for both Intel and Apple M1 systems.
Note
The new version 4.17.16.200166 will not install on machines running OS X El Capitan (10.11), following the end of support for this operating system. Before updating the product, we advise you to upgrade to a supported macOS version.
Version 4.15.137.200137
Release date:
Fast ring: 2021.03.09
Slow ring: -
New features and improvements
Product
This update enables migration to the new version of Bitdefender Endpoint Security Tools with universal binaries, which will provide support for both Intel and Apple M1 processors.
Resolved issues
Product
Addressed an issue that affected the functionality of Bitdefender Endpoint Security Tools when upgrading the operating system to macOS Big Sur 11.3.
Version 4.15.127.200127
Release date:
Fast ring: 2021.02.02
Slow ring: 2021.02.11
Important
This version also includes all the improvements and fixes delivered with versions 4.14.101.200101 and 4.15.124.200124, previously released on fast ring only.
New features and improvements
Content Control
Added support for Content Control in macOS Big Sur.
Starting with version 11.2 of the operating system, the Content Control module is compatible with other network extensions, such as Cisco AnyConnect VPN. On Big Sur versions before 11.2, Content Control enters the passthrough mode and does not filter any connection.
For details on how Bitdefender Endpoint Security Tools works on macOS Big Sur, refer to this topic.
Note
This version of Bitdefender Endpoint Security Tools runs on Apple machines with M1 processors through Rosetta 2 (no native compatibility).
Resolved issues
Product
Using the product in silent mode created performance issues due to high memory usage.
Content Control
On macOS versions before Big Sur, the Content Control module prevented large files from being uploaded while using services such as Microsoft OneDrive, Box.com, and WeTransfer.com.
Version 4.15.124.200124
Release date:
Fast ring: 2021.01.14
Slow ring: -
New features and improvements
Added limited support for Content Control in macOS Big Sur.
Limitation
The Content Control module enters the passthrough mode and stops filtering any connection when another application with a network extension is installed on the endpoint (for example, Cisco AnyConnect VPN). This happens due to an incompatibility related to the operating system.
For details about configurations required for Content Control to work in macOS Big Sur, refer to this article.
Version 4.14.101.200101
Release date:
Fast ring: 2020.12.15
Slow ring: -
Resolved issues
General
Using the product in silent mode caused performance issues in some cases.
Content Control
Fixed an issue on macOS versions older than Big Sur (10.15), where the product prevented large files from being uploaded while using services such as Microsoft OneDrive, Box.com, and WeTransfer.com.
Version 4.14.96.200096
Release date:
Fast ring: 2020.11.03
Resolved issues
Content Control
Fixed an issue causing internet speed slowdown.
Version 4.14.93.200093
Release date:
Fast ring: 2020.10.19
Slow ring: -
New features and improvements
General
Added support for macOS Big Sur (11.0). All modules and features are compatible with Big Sur, except for Content Control.
Version 4.13.86.200086
Release date:
Fast ring: 2020.09.03
Slow ring: 2020.09.09
Important
This version includes on the slow ring all the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.13.85.200085, which was previously released only on the fast ring.
Resolved issues
Antimalware
In some cases, the Antimalware module failed to generate events for individual detections during on-demand scanning.
General
Clicking the Bitdefender Endpoint Security Tools Help option failed to redirect the user to the product documentation.
Fixed a crash occurring on some machines during update.
Version 4.13.85.200085
Release date:
Fast ring: 2020.09.01
Slow ring: -
Resolved issues
Antimalware
In some cases, the Antimalware module failed to generate events for individual detections during on-demand scanning.
General
Clicking the Bitdefender Endpoint Security Tools Help option failed to redirect the user to the product documentation.
Version 4.12.81.200081
Release date:
Fast ring: 2020.06.30
Slow ring: 2020.07.02
Important
This version includes on the slow ring all the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.12.80.200080, which was previously released only on the fast ring.
New features and improvements
Endpoint Detection and Response (EDR)
Added support for generating incidents on GravityZone Business Security Premium licensed endpoints.
Added support for upcoming features available with the next GravityZone release.
Antimalware
Optimized CPU usage for certain operations related to process exclusions with wildcards.
Remote troubleshooting
Added support for gathering logs from macOS endpoints starting with the next GravityZone release.
User interface
The screen informing users about a blocked website now supports dark mode.
Resolved issues
Antimalware
In some cases, the Cancel button did not stop a scan in progress.
Endpoint Detection and Response (EDR)
In some cases, the EDR module caused high CPU usage while Time Machine was creating backup files.
Assignment Rules
Modifying assignment rules for inactive policies triggered notifications in the GravityZone Control Center.
Network Protection
Traffic Scan blocked login to www.asana.com.
Traffic Scan blocked authentication using Duo and Okta through Cisco AnyConnect.
The product blocked login through identity card.
Device Control
The product was sending events to the GravityZone console with the Device Control module disabled.
User interface
The product main window used to appear after the product silent installation.
Fixed an issue that caused a product crash on version 4.12.80.200080 on fast ring.
General
The product caused high disk space usage when failed to delete old dump files after a certain amount of time.
Version 4.12.80.200080
Release date:
Fast ring: 2020.06.26
Slow ring: -
New features and improvements
Endpoint Detection and Response (EDR)
Added support for generating incidents on GravityZone Business Security Premium licensed endpoints.
Added support for upcoming features available with the next GravityZone release.
Antimalware
Optimized CPU usage for certain operations related to process exclusions with wildcards.
Remote troubleshooting
Added support for gathering logs from macOS endpoints starting with the next GravityZone release.
User interface
The screen informing users about a blocked website now supports dark mode.
Resolved issues
Endpoint Detection and Response (EDR)
In some cases, the EDR module caused high CPU usage while Time Machine was creating backup files.
Assignment Rules
Modifying assignment rules for inactive policies triggered notifications in the GravityZone Control Center.
Network Protection
Traffic Scan blocked login to www.asana.com.
Traffic Scan blocked authentication using Duo and Okta through Cisco AnyConnect.
The product blocked login through identity card.
Device Control
The product was sending events to the GravityZone console with the Device Control module disabled.
User interface
The product main window used to appear after the product silent installation.
General
The product caused high disk space usage when failed to delete old dump files after a certain amount of time.
Version 4.11.71.200071
Release date:
Fast ring: 2020.06.12
Slow ring: 2020.06.17
New features and improvements
Added support for Korean in the product user interface.
Resolved issues
In some cases, the product caused system crashes.
Version 4.11.69.200069
Release date:
Fast ring: 2020.05.07
Slow ring: 2020.05.08
Caution
This version includes on the slow ring all the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.11.68.200068, which was previously released only on the fast ring.
New features and improvements
Improved performance upon installing applications.
Resolved issues
In some cases, the BDLDaemon service consumed large amounts of RAM.
Using the wildcard * (asterisk) for On-Access process exclusions caused sometimes performance issues.
Version 4.11.68.200068
Release date:
Fast ring: 2020.04.29
Slow ring: -
Resolved issues
In some cases, the BDLDaemon service consumed large amounts of RAM.
Using the wildcard * (asterisk) for On-Access process exclusions caused sometimes performance issues.
Version 4.11.66.200066
Release date:
Fast ring: 2020.04.10
Slow ring: 2020.04.14
Caution
This version includes on slow ring all the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.11.64.200064, released on fast ring.
New features and improvements
Added support for moving endpoints between companies in GravityZone Control Center.
Improved the product graphical interface in macOS dark mode.
Resolved issues
The product prevented files from being copied from one location to another on a Linux file server using AFP.
In some cases, the product crashed after updating to version 4.11.64.200064 on fast ring.
Encryption windows were improperly displayed in macOS High Sierra (10.13).
The Content Control module blocked certain websites on networks with proxy servers, when Traffic Scan was enabled.
Fixed incompatibilities with some apps and services that caused the following issues:
System freeze when using the Box app.
Blocked devices when using the Cast feature in Google Chrome.
Blocked online radio station when activating Telenet Safespot Guard.
The product caused high CPU usage and system freeze in certain scenarios.
The History section displayed incorrect product and engine versions.
The About section displayed an incorrect link to Bitdefender Enterprise Support.
The product interface displayed an incomplete status message in Polish.
Version 4.11.64.200064
Release date:
Fast ring: 2020.04.06
Slow ring: -
New features and improvements
Added support for moving endpoints between companies in GravityZone Control Center.
Improved the product graphical interface in macOS dark mode.
Resolved issues
The Content Control module blocked certain websites on networks with proxy servers, when Traffic Scan was enabled.
Fixed incompatibilities with some apps and services that caused the following issues:
System freeze when using the Box app.
Blocked devices when using the Cast feature in Google Chrome.
Blocked online radio station when activating Telenet Safespot Guard.
The product caused high CPU usage and system freeze in certain scenarios.
The product blocked USB storage devices for Apple mobile accounts, although the GravityZone policy was configured to allow access.
The History section displayed incorrect product and engine versions.
The About section displayed an incorrect link to Bitdefender Enterprise Support.
The product interface displayed an incomplete status message in Polish.
Version 4.10.59.200059
Release date:
Fast ring: 2020.03.20
Slow ring: 2020.03.23
Resolved issues
Failed Time Machine backups on NAS servers.
Performance decrease on systems updated to the latest versions of Bitdefender Endpoint Security Tools.
Failed product installations through Windows Relays.
Version 4.10.58.200058
Release date:
Fast ring: 2020.03.09
Slow ring: 2020.03.10
Resolved issues
Fixed some Content Control issues occurred with version 4.10.57.200057:
Blocked Zscaler App on macOS Catalina (10.15).
Blocked access to certain websites via VPN.
Blocked email sending from Outlook.
Browsing slowdown on Office 365.
Occasional slowdown or freeze of the operating system after login.
Version 4.10.57.200057
Release date:
Fast ring: 2020.02.21
Slow ring: 2020.02.21
Resolved issues
In some cases, the Content Control module has caused internet browsing to slow down after update to version 4.10.56.200056.
Version 4.10.56.200056
Release date:
Fast ring: 2020.02.12
Slow ring: 2020.02.17
Important
This update and the following are available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) have reached end of support on December 31st, 2019.
This version includes on the slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.10.54.200054, released on fast ring.
New features and improvements
Added support for the following capabilities:
Restore quarantined files in custom path.
Exclude restored files from scanning with Advanced Threat Control.
The product user interface is now available in Simplified Chinese. Other user interface improvements on the supported languages.
Removed features
Removed from the product interface the option to exclude Time Machine backup files from scanning. The backup files continue, by default, to be scanned on-access, but not on-demand.
Resolved issues
In some cases, an internal issue prevented the product update from version 4.9.51.200051 to 4.10.54.200054.
The Change Password option for encrypted volumes was disabled after updating from version 4.9.51.200051 to 4.10.54.200054.
In some cases, the Content Control module blocked iTunes and iCloud on Safari.
The Content Control module blocked some web radio services, such as capradio.org and tunein.com.
The product failed to detect infected archives (level 4 deep or more), when a second custom scan was started from the graphic interface.
In corner-case scenario, MacBook endpoints became unresponsive for a few seconds after login.
Version 4.10.54.200054
Release date:
Fast ring: 2020.02.04
Slow ring: -
Important
This update and the following are available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) have reached end of support on December 31st, 2019.
New features and improvements
Added support for the following capabilities:
Restore quarantined files in custom path.
Exclude restored files from scanning with Advanced Threat Control.
The product user interface is now available in Simplified Chinese. Other user interface improvements on the supported languages.
Removed features
Removed from the product interface the option to exclude Time Machine backup files from scanning. The backup files continue, by default, to be scanned on-access, but not on-demand.
Resolved issues
In some cases, the Content Control module blocked iTunes and iCloud on Safari.
The Content Control module blocked some web radio services, such as capradio.org and tunein.com.
The product failed to detect infected archives (level 4 deep or more), when a second custom scan was started from the graphic interface.
In corner-case scenario, MacBook endpoints became unresponsive for a few seconds after login.
Version 4.9.51.200051
Release date:
Fast ring: 2019.12.05
Slow ring: 2019.12.10
Important
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
The product now reports in real time detections and actions taken on during On-Demand scans.
The History section now displays status messages related to the Antimalware, EDR, Content Control and Full Disk Encryption modules.
Resolved issues
On macOS Mojave (10.14), the product created a large amount of PLIST files after update.
Version 4.8.49.200049
Release date:
Fast ring: 2019.11.20
Slow ring: 2019.11.25
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.8.47.200047, released on fast ring.
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
Advanced Threat Control is now available for Mac. This module relies on a behavior anomaly detection technology that provides protection against never-before-seen threats in the on-execution stage.
Advanced Threat Control is available with any new Bitdefender Endpoint Security Tools installation. For existing installations, you must use the Reconfigure Client task from the GravityZone Control Center.
Added support for configuring Antimalware On-Access and On-Demand exclusions, in the GravityZone Control Center, with the following options:
Files, folders and processes with wildcards. Asterisk (*) replaces zero, one or more characters, question mark (?) replaces one character.
File hash.
Certificate thumbprint.
Detection name.
Added support for configuring exclusions for Traffic Scan with the following options:
IP mask.
URLs with wildcards. Asterisk (*) replaces zero, one or more characters, question mark (?) replaces one character.
Added support for the option Shut down computer when scan is finished from the GravityZone Control Center.
Improved update messages in the product interface.
Resolved issues
In some cases, the operating system became unresponsive after enabling the EDR module.
In certain situations, the product caused the operating system to become unresponsive for a few seconds during or after login.
The product did not display Update Report notifications after successfully performing a product update.
The Content Control module failed to inject the MITM certificate when creating a new Firefox profile.
The product failed to delete certain leftover files after installation via Relay.
The product update failed when no direct connection to Update Server was available.
The product caused high CPU usage with On-Access and On-Demand scanning.
In specific cases, the product was using 100% CPU when detecting malware.
Version 4.8.47.200047
Release date:
Fast ring: 2019.11.11
Slow ring: -
Important
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
Advanced Threat Control is now available for Mac. This module relies on a behavior anomaly detection technology that provides protection against never-before-seen threats in the on-execution stage.
Advanced Threat Control is available with any new Bitdefender Endpoint Security Tools installation. For existing installations, you must use the Reconfigure Client task from the GravityZone Control Center.
Added support for configuring Antimalware On-Access and On-Demand exclusions, in the GravityZone Control Center, with the following options:
Files, folders and processes with wildcards. Asterisk (*) replaces zero, one or more characters, question mark (?) replaces one character.
File hash.
Certificate thumbprint.
Detection name.
Added support for configuring exclusions for Traffic Scan with the following options:
IP mask.
URLs with wildcards. Asterisk (*) replaces zero, one or more characters, question mark (?) replaces one character.
Added support for the option Shut down computer when scan is finished from the GravityZone Control Center.
Improved update messages in the product interface.
Resolved issues
The product did not display Update Report notifications after successfully performing a product update.
The Content Control module failed to inject the MITM certificate when creating a new Firefox profile.
The product failed to delete certain leftover files after installation via Relay.
The product update failed when no direct connection to Update Server was available.
The product caused high CPU usage with On-Access and On-Demand scanning.
In specific cases, the product was using 100% CPU when detecting malware.
Version 4.7.39.200039
Release date:
Fast ring: 2019.10.01
Slow ring: 2019.10.03
Important
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
Official support for macOS Catalina (10.15).
Version 4.7.38.200038
Release date:
Fast ring: 2019.09.10
Slow ring: 2019.09.24
Important
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
Compatibility changes for macOS Catalina (10.15).
Version 4.7.32.200032
Release date:
Fast ring: 2019.08.08
Slow ring: 2019.08.21
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 4.7.30.200030, released on fast ring.
On slow ring, this update will be delivered with any new 4.7.32.200032 installation of Bitdefender Endpoint Security Tools. Existing installations on slow ring (version 4.6.20.200020 or older) will be progressively migrated over the next few weeks.
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
Introduced a new Antimalware technology, which uses a macOS kernel extension for on-access scanning. This technology is designed to accommodate new features like process exclusions and future enhancements.
Note
Starting with macOS High Sierra (10.13), user approval or whitelisting via MDM is required for loading kernel extensions. Until Bitdefender kernel extensions are approved, on-access scanning falls back on the old file system notifications technology to ensure the system is protected immediately after installation. On-access scanning uses an existing kernel extension, so for existing installations there is no need to approve Bitdefender kernel extensions again if approved previously.
Content Control now scans all HTTP web traffic, regardless of the browser or application performing web access. You can now configure application exclusions for Traffic Scan.
Added support for reporting Content Control detections in EDR incidents.
Added support for process exclusions, where any file accessed by an excluded process is not scanned. Process exclusions are intended to be used by advanced users or following Bitdefender Enterprise Support recommendations.
Added support for
$HOME
user path variable when configuring exclusions, as well as the scan target of custom scan tasks.Added support for granular threat type reporting to the GravityZone Control Center (e.g. spyware, adware, application).
Quick Scan tasks ran from the GravityZone Control Center now scan all user folders in addition to critical system locations.
Added support for the Empty Quarantine option from the GravityZone Control Center. Now, the Empty Quarantine button is also available locally, in the Bitdefender Endpoint Security Tools interface.
The Update Virus Database option name from the Actions menu was renamed to Check for Updates.
The Encryption-related windows now display the product name ("Bitdefender Endpoint Security Tools").
The About window now displays the product engines version.
The Bitdefender kernel extension used for on-access scanning is now automatically installed on older Bitdefender Endpoint Security Tools installations where it was not already installed. In such case, on macOS 10.13+ systems, the user will be prompted to approve loading of Bitdefender kernel extensions.
Resolved issues
In some cases, the product did not report the Antimalware module installation.
On-demand scanning tasks for local drives and removable drives did not properly work when scheduled from the GravityZone console.
The product reported an incorrect signatures version to the GravityZone console.
The Full Disk Encryption module did not take ownership of drives encrypted with FileVault when using iCloud as option for recovery.
A notification regarding the Full Disk Encryption module was displayed when enabling or disabling the On-access scanning module.
The product interface displayed simultaneous scanning tasks when one was started locally and another one from the GravityZone console.
The product reported incorrect update time in the GravityZone console after disabling the product update.
In particular cases, the
EndpointSecurityforMac
process was still active after removing the product with the Uninstaller utility.The main window automatically showed up after the system restart.
The Encryption module user interface is now localized for all supported languages.
In version 4.7.30.200030, released on fast ring only, sending a Restart machine task from the GravityZone console caused the product interface to crash.
Version 4.7.30.200030
Release date:
Fast ring: 2019.07.30
Slow ring: -
Important
This update is available for OS X El Capitan (10.11) and later. OS X Mavericks (10.9) and OS X Yosemite (10.10) reach end of support on December 31st, 2019. Details here.
New features and improvements
Introduced a new Antimalware technology, which uses a macOS kernel extension for on-access scanning. This technology is designed to accommodate new features like process exclusions and future enhancements.
Note
Starting with macOS High Sierra (10.13), user approval or whitelisting via MDM is required for loading kernel extensions. Until Bitdefender kernel extensions are approved, on-access scanning falls back on the old file system notifications technology to ensure the system is protected immediately after installation. On-access scanning uses an existing kernel extension, so for existing installations there is no need to approve Bitdefender kernel extensions again if approved previously.
Content Control now scans all HTTP web traffic, regardless of the browser or application performing web access. You can now configure application exclusions for Traffic Scan.
Added support for reporting Content Control detections in EDR incidents.
Added support for process exclusions, where any file accessed by an excluded process is not scanned. Process exclusions are intended to be used by advanced users or following Bitdefender Enterprise Support recommendations.
Added support for
$HOME
user path variable when configuring exclusions, as well as the scan target of custom scan tasks.Added support for granular threat type reporting to the GravityZone Control Center (e.g. spyware, adware, application).
Quick Scan tasks run from the GravityZone Control Center now scan all user folders in addition to critical system locations.
Added support for the Empty Quarantine option from the GravityZone Control Center. Now, the Empty Quarantine button is also available locally, in the Bitdefender Endpoint Security Tools interface.
The Update Virus Database option name from the Actions menu was renamed to Check for Updates.
The Encryption-related windows now display the product name (Bitdefender Endpoint Security Tools).
The About window now displays the product engines version.
Resolved issues
On-Demand scanning tasks for local drives and removable drives did not properly work when scheduled from the GravityZone Control Center.
The product reported an incorrect signatures version to the GravityZone console.
The Full Disk Encryption module did not take ownership of drives encrypted with FileVault when using iCloud as option for recovery.
A notification regarding the Full Disk Encryption module was displayed when enabling or disabling the On-Access scanning module.
The product interface displayed simultaneous scanning tasks when one was started locally and another one from the GravityZone Control Center.
The product reported incorrect update time in the GravityZone Control Center after disabling the product update.
In particular cases, the
EndpointSecurityforMac
process was still active after removing the product with the Uninstaller application.The main window automatically showed up after the system restart.
The Full Disk Encryption module user interface is now localized for all supported languages.
Version 4.6.26.200026
Release date:
Fast ring: 2019.12.10
Slow ring: 2019.12.10
Important
This update applies to OS X El Capitan (10.11), macOS Sierra (10.12), macOS High Sierra (10.13), and macOS Mojave (10.14), all running on endpoints on slow ring. To benefit from this update, endpoints running OS X Mavericks (10.9) and OS X Yosemite (10.10) must upgrade to OS X El Capitan (10.11) or newer.
Improvements
Automatic migration of existing installations (version 4.6.20.200020 or older) to the latest version of Bitdefender Endpoint Security Tools. This migration makes possible accommodation of new features and enhancements introduced on slow ring starting with version 4.7.32.200032.
Version 4.6.24.200024
Release date:
Fast ring: 2019.09.10
Slow ring: 2019.09.24
New features and improvements
Automatically update existing installations to latest Bitdefender Endpoint Security Tools version upon upgrading the operating system to macOS Catalina (10.15).
Version 4.6.20.200020
Release date:
Fast ring: 2019.06.20
Slow ring: 2019.06.24
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 4.6.9.200009, 4.6.12.200012, 4.6.15.200015, and 4.6.17.200017, all released on fast ring.
New features and improvements
Bitdefender Endpoint Security Tools now uses FileVault to encrypt boot drives and
diskutil
to encrypt non-boot drives, respectively. Depending on the drive type, the security agent automatically leverages the appropriate application, with minimal input from users.Support for FileVault and
diskutil
was first introduced with version 4.6.9.200009 on fast ring, but this version comes with additional changes for Macs with T2 chips to accommodate the latest macOS updates.Updates from version 4.6.9.200009 or later
The update only changes how boot drive decryption on Macs with T2 chips is performed.
In case of boot drives encrypted by older product versions (that were using
diskutil
, before 4.6.9.20009), users are now required to enter their disk passwords to also decrypt withdiskutil
, instead of FileVault as before. It is recommended to decrypt and re-encrypt such endpoints, in order to generate valid recovery keys in GravityZone.In case of boot drives encrypted by Bitdefender Endpoint Security Tools after updating to 4.6.9.20009 (using FileVault), decryption still leverages FileVault, prompting the user for their system credentials.
New installations and updates from version 4.5.95.179560 or older
For boot drives not currently encrypted, when an encryption policy is applied, the security agent prompts the users to enter their system credentials to send the corresponding recovery key to GravityZone and to start encryption with FileVault.
For boot drives previously encrypted by older versions of Bitdefender Endpoint Security Tools (using
diskutil
):After update, if an encryption policy is already applied on Mac endpoints, no user interaction is required. The encryption passwords and the recovery keys previously configured will continue to function as before the update, until a decryption policy will be applied. At that moment, the security agent will decrypt the boot drives with
diskutil
(using the old encryption passwords). At the next encryption policy, those boot drives will be encrypted with FileVault (using system credentials) and new recovery keys will be stored in GravityZone.After update, when a decryption policy is applied on Mac endpoints, the security agent prompts the users to enter their passwords previously configured to encrypt the disk, in order to start the decryption process.
You do not need to apply a new GravityZone policy for the above changes to take place. The security agent will prompt the users with corresponding windows according to the existing policy settings.
For boot drives encrypted with FileVault, independently of GravityZone:
When an encryption policy is applied, the security agent prompts the users to change the recovery key by entering their system credentials. The new recovery key will be stored in GravityZone.
When a decryption policy is applied, the security agent prompts the users to enter their security system credentials in order to start the decryption process with FileVault.
Non-boot drives are encrypted with
diskutil
and the encryption and decryption processes work as before with no changes.When an encryption policy is applied, the security agent prompts the users to configure a password to start the encryption process and to send a recovery key to GravityZone.
To decrypt, the security agent prompts the users to enter their encryption password.
The update does not require changing the password or recovery keys for non-boot drives.
For Macs encrypted with FileVault, the users have to enter their credentials to start the system and unlock the boot drive at the same time. Once logged on, the system will prompt the users to unlock any encrypted non-boot drives by entering the disk password.
The product user interface now displays the EDR Sensor status.
Resolved issues
In a particular situation, different Mac systems were displayed in the GravityZone console under the same Mac endpoint.
Traffic Scan caused file corruption when using FTP in passive mode.
Traffic Scan caused slow login to Active Directory for endpoints running High Sierra (10.13) and Mojave (10.14).
On systems with T2 chips, the password and recovery key set for full disk encryption would not unlock the boot drive. Users could unlock the boot drive only by using their system credentials. With the new encryption functionality, the user password is required to encrypt, unlock and decrypt a boot drive and, additionally, a recovery key is generated and backed up in GravityZone.
The Finder displayed an additional EFI partition on macOS Mojave (10.14) endpoints with Device Control installed, when connecting an external drive with APFS format.
Malware events were not sent to GravityZone console once a scheduled scan was finished.
The product failed to report the endpoint host name for EDR events.
Other minor improvements and bug fixes.
Known issues
Anti-tampering module may cause crashes to the Time Machine tmutil tool, on macOS El Capitan (10.11).
The Decryption Process window does not reappear if clicking the "X"; button instead of Dismiss. The window reappears after a system restart.
Version 4.6.17.200017
Release date:
Fast ring: 2019.06.11
Slow ring: -
Resolved issues
In some cases, the endpoint would freeze for couple of minutes during user login.
Version 4.6.15.200015
Release date:
Fast ring: 2019.04.24
Slow ring: -
Resolved issues
Endpoints configured to communicate via Relay were still displayed as managed in the GravityZone console after uninstall.
Malware events were not sent to GravityZone console once a scheduled scan was finished.
Endpoints deployed via Relay could not communicate with the GravityZone Control Center.
The product failed to report the endpoint host name for EDR events.
Other minor improvements and bug fixes.
Version 4.6.12.200012
Release date:
Fast ring: 2019.04.08
Slow ring: -
Resolved issues
The Finder displayed an additional EFI partition on macOS Mojave (10.14) endpoints with Device Control installed, when connecting an external drive with APFS format.
The product crashed once the system recovered from Sleep mode.
Version 4.6.9.200009
Release date:
Fast ring: 2019.03.26
Slow ring: -
New features and improvements
Starting with this version, Bitdefender Endpoint Security Tools supports full disk encryption with FileVault for boot drives and with diskutil for non-boot drives, respectively. Depending on the drive type, the security agent automatically leverages the appropriate application, with minimal input from users.
This update affects new and existing installations as follows:
For boot drives not currently encrypted, when an encryption policy is applied, the security agent prompts the users to enter their system credentials to send the corresponding recovery key to GravityZone and to start encryption with FileVault.
For boot drives previously encrypted by older versions of Bitdefender Endpoint Security Tools (using diskutil):
After update, if an encryption policy is already applied on Macs without T2 chips, no user interaction is required. The encryption passwords and the recovery keys previously configured will continue to function as before the update, until a decryption policy will be applied. At that moment, the security agent will decrypt the boot drives with diskutil (using the old encryption passwords). At the next encryption policy, those boot drives will be encrypted with FileVault (using system credentials) and new recovery keys will be stored in GravityZone.
After update, when a decryption policy is applied on Macs without T2 chips, the security agent prompts the users to enter their passwords previously configured to encrypt the disk, in order to start the decryption process.
After update, if an encryption policy is already applied on Macs with T2 chips, the security agent prompts the users to change the recovery key by entering their system credentials. The new recovery key will be stored in GravityZone.
After update, when a decryption policy is applied on Macs with T2 chips, the security agent prompts the users to enter their system credentials in order to start the decryption process with FileVault.
You do not need to apply a new GravityZone policy for the above changes to take place. The security agent will prompt the users with corresponding windows according to the existing policy settings.
For boot drives encrypted with FileVault (Macs with and without T2 chips), independently of GravityZone:
When an encryption policy is applied, the security agent prompts the users to change the recovery key by entering their system credentials. The new recovery key will be stored in GravityZone.
When a decryption policy is applied, the security agent prompts the users to enter their security system credentials in order to start the decryption process with FileVault.
Non-boot drives are encrypted with diskutil and the encryption and decryption processes work as before with no changes.
When an encryption policy is applied, the security agent prompts the users to configure a password to start the encryption process and to send a recovery key to GravityZone.
To decrypt, the security agent prompts the users to enter their encryption password.
The update does not require changing the password or recovery keys for non-boot drives.
For Macs encrypted with FileVault, the users have to enter their credentials to start the system and unlock the boot drive at the same time. Once logged on, the system will prompt the users to unlock any encrypted non-boot drives by entering the disk password.
The product user interface now displays the EDR Sensor status.
Resolved issues
In a particular situation, different Mac systems were displayed in the GravityZone console under the same Mac endpoint.
Traffic Scan caused file corruption when using FTP in passive mode.
Traffic Scan caused slow login to Active Directory for endpoints running High Sierra (10.13) and Mojave (10.14).
On systems with T2 chips, the password and recovery key set for full disk encryption would not unlock the boot drive. Users could unlock the boot drive only by using their system credentials. With the new encryption functionality, the user password is required to encrypt, unlock and decrypt a boot drive and, additionally, a recovery key is generated and backed up in GravityZone.
Known issues
Anti-tampering module may cause crashes to the Time Machine tmutil tool, on macOS El Capitan (10.11).
The Decryption Process window does not reappear if clicking the "X" button instead of Dismiss. The window reappears after a system restart.
Known issues
The information related to email address, website and phone from About section cannot be configured through the policy.
Limitations
The Deny access action for On-Access Antimalware policy will quarantine the file.