PowerBroker for Windows 7.8.3.17 Release Notes

July 12, 2019

New Features and Enhancements:

  • Registry Monitoring: The HKEY_CLASSES_ROOT, HKEY_CURRENT_USER and HKEY_USERS registry hives are now supported. HKEY_USERS may be used with a "*" wildcard in place of the user SID (HKEY_USERS\*).

    • Note: The SID field under HKEY_USERS is the only location where a wildcard is supported. If a wildcard is used in any other location it will be interpreted as a regular character for matching purposes.

  • Security Enhancement: A security improvement was made in the area of application launch and verification.
  • Item Level Targeting: Windows Server 2019 has been added to the operating system item level targeting options.
  • Detours: Detours has been upgraded to the latest 4.0.1 release.

Issues Resolved:

  • Caching Issue: Resolved an issue with caching and Publisher rules.
  • User Messages: Resolved an issue with user messages not being removed correctly on policy update. Applies to Central Policy Mode only.
  • File Integrity Rules: Resolved an issue with applying File Integrity rules to the system account.
  • Installer: Resolved an issue with policy mode selection in the installer. The correct policy mode will now be written when selecting This feature, and all subfeatures, will be installed on the local hard drive.
  • UAC Prompt Detected Message: Resolved an issue with an additional user message displaying when providing admin credentials after using the ShowUAC option.
  • ePO: Resolved an issue with performance on McAfee ePO databases.
  • RCSXML.xml: Resolved an issue with loading RCSXML.XML (typically due to NULL characters). The file is renamed to RCSXML_<datetimestamp>_error.xml if it cannot be loaded.
  • Passcode Generator: Resolved an issue with the Standalone Passcode Generator crashing on startup.
  • User Policies: Resolved an issue with not removing User Policy rules from memory when all user policies are removed.

Notes:

  • Microsoft Windows 10 Update 1903: PowerBroker for Windows 7.8.3.17 is compatible with Microsoft Windows 10 Update Version 1903 Build 18362.
  • Group Policy and User Messages: In Group Policy mode, under certain circumstances user messages may not be removed when appropriate. In this case, there are two methods to remove them:
    1. Add a blank privileged identity rule to one of the group policies that is pushing out PowerBroker policy. This will clear out any user messages when gpupdate /force is run.
    1. If the issue is with a global user message, then the group policy can be configured to delete the registry key of the user message, since global user messages have a static GUID. Global user message GUIDS and locations:

      2. IE Elevation: HKEY_LOCAL_MACHINE\SOFTWARE\BeyondTrust\PBDesktops\Messages\{2c5ad0b9-44c2-498a-856c-c302f949d936}

      IE Failure: HKEY_LOCAL_MACHINE\SOFTWARE\BeyondTrust\PBDesktops\Messages\{35e4e2dd-ed4a-420d-8044-a07a7c5268e6}

      On Demand Elevation: HKEY_LOCAL_MACHINE\SOFTWARE\BeyondTrust\PBDesktops\Messages\{95ed0b2b-af9c-4e47-9913-5d613f538345}

      UAC Prompt Detected: HKEY_LOCAL_MACHINE\SOFTWARE\BeyondTrust\PBDesktops\Messages\{8f64518b-ffd3-4b2a-9372-74eace1740b5}