Resolves a rare issue where Anti-Malware protection does not run after an upgrade.
Fixes an issue where Anti-Malware shows an incorrect status in UI, in some cases. (This is only relevant to the E2 package.)
Fixes an issue where sometimes the OfflineUpdater tool fails to update the signatures database on the client side.
Fixes an issue that may cause a failure in an upgrade, or in an uninstall process.
Anti-Ransomware, Behavioral Guard and Forensics
The latest version of the Anti-Ransomware Honeypots are now correctly installed when upgrading from previous versions.
Anti-Ransomware Honeypots no longer stop working if they receive a second Anti-Ransomware policy update.
Disabling Forensics now correctly disables Anti-Ransomware completely, including removing all Anti-Ransomware Honeypot files.
Fixes an issue where Process information is corrupted before being inserted into the Forensics Database. With the fix, the number of instances of unknown processes in a Forensics report is dramatically reduced.
Fixes a rare case where the last received Forensics, Anti-Ransomware and Behavioral Guard policies are not saved and used, when the client cannot connect to the Management Server.
Fixes a rare crash in Forensics, when receiving policy before the full Forensics initialization is complete.
Fixes an issue where certain exclusions for Anti-Ransomware are not enforced, if the user logs in before the full service initialization is complete.
Threat Emulation and Anti-Exploit
Resolves an issue where, in some cases, Threat Emulation may not deploy the SBA4B Chrome extension if a user has other (non-Check Point) extensions.
Makes sure that Threat Emulation avoids a crash when the database is very large.
Anti-Exploit now turns off completely when used with a third party Anti-Virus. Check Point's Anti-Malware will not cause Anti-Exploit to disable.
Fixes a very rare issue where Anti-Exploit does not completely parse the policy from the Management.
Install / Uninstall
Fixes a rare case where an unrequired reboot occurs after upgrade.
Resolves a rare issue where a crash happens on an uninstall and upgrade.
Changes the upgrade retry frequency and removes unnecessary user interface popups.
Removes a "Validation failed" message that is displayed in error, during an upgrade from an old version.
Updates the list of supported Windows 10 versions in Compliance blade to include versions 1809 and 1803.
Fixes an issue where the Full Disk Encryption policy is sometimes not updated.
Improves the security of the client when using hard linked files.
CVE-2019-8452: Prior to Check Point Endpoint Security Client for Windows E80.96, a hard-link from the log file archive to any file on the system changes permission so that all users can access the linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
CVE-2019-8454: Prior to Check Point Endpoint Security Client for Windows E80.96, a local attacker could create a hard-link between a file to which Endpoint Security Client for Windows writes and another BAT file. Then, by impersonating the WPAD server, the attacker could write BAT commands into that file to be run later by the user or the system.
Reduces end-user popups and notifications to the items that require user knowledge or intervention.
Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.
To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
Endpoint Security E80.96 Clients
E80.96 Endpoint Security Clients for Windows OS (Recommended)
A zip file that contains all package permutations listed below.
E80.96 Complete Endpoint Security Client for 32 bit systems