Endpoint Client now supports new Push Operations: creating and deleting a VPN site and registry key or value, collecting processes information from the client machine, and moving or deleting a file on the client machine.
Endpoint Client now supports turning ON/OFF admin-enabled capabilities.
Harmony Endpoint now supports multi-users in Windows environments. The solution includes Microsoft Terminal Servers (RDS), Citrix Virtual Apps (XenApp), and VMware Horizon Apps. See also sk176939 or the Harmony Endpoint Administration Guide.
In a Nutshell
E86.40 Endpoint Security Clients for Windows OS
E86.40 Endpoint Security Clients for Windows OS - Dynamic package
Watchdog consumes high CPU resources on Windows server.
The password generation algorithm for the super node is 128 characters, instead of the default 14 characters.
In a rare scenario, when used for a long time without doing updates, Window 7 machines lose network connection after upgrading to Endpoint Security version E86.25.
Firewall and Application Control
In a rare scenario, a machine gets BSOD caused by a Firewall driver during a high traffic condition.
When using the "Shutdown Network Protection" feature, IPv6 traffic is not enabled.
In a rare scenario, the Application Control process ("Vsmon") consumes overly high CPU resources.
Anti-Malware signatures do not download to the Shared Signature folder if the folder already exists. This is relevant to only a VDI non-persistent environment.
Enhancement: The Anti-Malware scheduled and initial scans are now only done when the machine is idle.
Enhancement: Added a new log entry to show a failure to restore a quarantined file.
Enhancement: In the new user interface, the administrator can allow the user to enable and disable blades.
Enhancement: A memory use reduction mechanism is now in place, which reduces RAM consumption when the user closes the user interface window.
Enhancement: Push Operation Status Description looks unclear or similar to Chinese characters.
After an upgrade, all blades fail to run in the user interface.
Full Disk Encryption is displayed as OFF on the user interface if disabled by the administrator.
When a user starts a scan, he can pause it and log out. Then a different user logs in, but the user interface is stuck on the first scan and cannot end it.
In a rare scenario, an upgrade of Endpoint Security Client results in a missing tray icon.
If allowed by the administrator, users are now able to permanently disable (turn off) network protection on their computers in the new UI.
Endpoint Client repair initiated by local user fails to repair VPN.
Media Encryption and Port Protection
The volume name and lock icon are missing on Media Encryption & Port Protection encrypted volume.
Enhancement: Integration with SASA Gatescanner Desktop in the Media Encryption and Port Protection authorization scanning feature, see sk178766.
In some scenarios, in Windows 7 and early versions of Windows 10, the peripheral device name is reported to the server with garbage characters.
An exclusion by Secure Hash Algorithm 1 (SHA1) now affects the browser extension's file download protection. When an excluded file is downloaded, the browser extension skips its inspection and downloads it immediately, without emulation or extraction.
Enhancement: Improved the Anti-Bot blade's reputation mechanism.
Host Threat Prevention
Fix for CVE-2022-23742: Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. See sk179132.
Starting from E80.85, Harmony Endpoint improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.
To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
If you use a modern UI, then when you try to override the encryption policy, through the “User Check” and click “More Options”, the UI does not display the justification screen and the explorer window stops responding.
Documentation and Related SecureKnowledge Articles