Fixes a minor security issue with the SBA browser extension.
Fixes an issue with restore files from a quarantine operation via push operation on paths with non-English characters.
Anti-Ransomware, Behavioral Guard and Forensics
Fixes a rare BSOD on the epnetflt driver when handling DNS communication parsing.
Fixes an issue in Forensics, where if a silent detection occurs prior to an active detection on the same process, the report is not generated for the active detection. This also affects the Anti-Ransomware UI screens.
Fixes an issue where exclusions based on a process with a rule name are not enforced in Behavioral Guard when the rule involves more than one process.
Fixes a very rare issue in Behavioral Guard that is related to an infinite loop.
Fixes an Anti-Ransomware false positive related to filehistory.exe.
Aligns the default local backup policy to the default Management backup policy for Anti-Ransomware.
Firewall and Application Control
Fixes an issue when the "Disconnect Wireless connection when connected by LAN" feature does not work on Windows 10 version 1903.
Fixes an uncommon issue where the installation fails to upgrade the firewall driver.
Fixes an issue when the installer fails to install VPN or Firewall due to reaching the maximum number of network filters on Window 8 and above.
Install / Uninstall
CVE-2019-8461: Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.
Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.
To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
Endpoint Security E81.30_HF Clients
E81.30_HF Endpoint Security Clients for Windows OS (Recommended)
A zip file that contains all package permutations listed below.
E81.30_HF Complete Endpoint Security Client for 32 bit systems