MetaDefender Core v5.2.0 Release

Product Overview

OPSWAT MetaDefender Core protects your organization by preventing advanced cybersecurity threats on multiple data channels. MetaDefender Core leverages several proprietary technologies, including Deep Content Disarm and Reconstruction (Deep CDR), Multiscanning, File-Based Vulnerability Assessment, Data Loss Prevention and Threat Intelligence to provide comprehensive protection for your networks and infrastructure against increasingly sophisticated malware.

Release Highlights

New Supported Operating Systems

Release version 5.2.0 comes with 2 additional supported operating systems (OS): Windows Server 2022 and Debian 11. The list of all the supported OS for both Windows and Linux deployments can be found here.

Exporting Executive Report to PDF

Administrators and authenticated users can now easily export the Executive Report to PDF to share and use it outside of the MetaDefender Core instance. The information in the exported report is limited to that the user has the right to access.

File Digital Signature Verification

File signature information examination is a new security step in the MetaDefender Core file processing workflow. If a file digital signature is recognized, a "Signed file" icon appears under the file's name in the file processing result to indicate the signature status. It is also presented in the JSON scan result and calculated for statistics in the Executive Report.

Another advantage of this feature is that it enables administrators to set allowlist (whitelist) policy based on vendor names. This feature is only applied to portable executable (PE) files, including .acm, .ax, .cpl, .dll, .drv, .efi, .exe, .mui, .ocx, .scr, .sys, and .tsp.

Blocked Leaf Files Filter in Archive File Processing Result

A blocked leaf file is the child file that is blocked during archive processing. To facilitate further investigation and optimize user experience, a quick filter is provided to list out all blocked leaf files in a blocked archive result. Users can easily find the exact leaf files, which make the root archive ‘blocked’, by checking "Show blocked leaf files" in the processing result. The maximum number of blocked leaf files shown in a file processing result is 100.

Blocked Reasons Exposure

Starting from this release, users can quickly get all blocked reasons on the processing details UI page. This newly added information helps give further context on unclear failures and helps in troubleshooting.

New setting for archive sanitization configuration

After archive sanitization, by default, all allowed child files (or their sanitized versions if available) and sanitized versions of blocked child files are packed into the reconstructed archive that is provided to end-users. To better adapt to our customers' requirements, this release introduces a new setting in the Deep CDR workflow configuration that enables administrators to exclude sanitized versions of blocked child files from the sanitized version of the archive output file.

CDR tag on processing details UI page

With new CDR tags in archive processing results, users can now spot at a glance which child files are successfully sanitized and which are not.

3rd Party Component Upgrades

As a regular security practice, we upgraded 3rd party dependencies and development frameworks to prevent critical vulnerabilities. Here are the two upgrades in this release:

  • OpenSSL was upgraded to version 3.
  • Qt framework was upgraded to version 6.

Other enhancements and updates:

  • New data retention for statistics setting.
  • Option to skip welcome & upgrade pages.
  • New sanitization result indicating a skipped sanitization due to Deep CDR configurations.
  • "Waiting child files" in average processing time is now calculated separately.

Many more improvements in user experience, product stability and product UI can be found in our release notes.

Release Details

  • Product: MetaDefender Core
  • Release Date: 12 July 2022
  • Release Notes: 5.2.0
  • Download Link on OPSWAT Portal: Download
Sign up for Blog updates!
Get information and insight from the leader in advanced threat prevention.