CylancePROTECT Desktop

release notes

Administrators can now initiate a background threat detection scan on demand from the management console.

In the device policy, you can now add memory protection exclusions for third-party application DLLs. For example, if you are running third-party security products in addition to

CylancePROTECT

, you can add an exclusion for the appropriate .dll files so that

CylancePROTECT

ignores specific violations for those products.  

This feature supports the Malicious Payload and System DLL Overwrite violation types only.

The following rules apply when you specify a DLL exclusion:

You must select the
Treat as DLL exclusion
option in the device policy.
The device must be running
CylancePROTECT Desktop
agent version 3.1.1001 or later on a
Windows
device. 
The exclusion file path that you specify must be the full, direct path to the .dll file. Wildcards are not allowed.
The .dll file must be signed using a certificate that is trusted on the device where
CylancePROTECT Desktop
is installed. Otherwise, it will not be excluded.

Administrators can now configure a script control setting in the device policy for protection against XLM macros. When a macro is executed, the agent responds to the

Microsoft

anti-malware scanning interface according to the device policy.

This feature requires the following:

Microsoft Windows
10 or later
CylancePROTECT Desktop
agent version 3.1
VBA macros must be disabled in the
Excel
File > Trust Center > Excel Trust Center > Macro Settings
menu.

The

CylancePROTECT Desktop

agent 3.1.1000 for

Linux

devices can now request an update to the latest supported driver when an updated kernel is detected on the system. For example, if the

Linux

kernel is updated and the current installed driver does not support it, the agent can now automatically update the driver as soon as a compatible driver is released. This feature requires

CylancePROTECT Desktop

agent version 3.1.1000 and the agent driver version 3.1.1000 or later. 

To enable this feature, select the

Auto-update Linux Driver

option in the zone-based update rule from the

Settings > Update

menu in the management console.

Administrators can now set a custom interval to run background threat detection scanning from the device policy. The date of the last scan for each device is logged in the management console. The scan interval can be set between 1 and 90 days. The default scan interval is 10 days. Note that increasing the frequency of the scans may impact the device performance. You can also start the scan manually from the command line.

This feature requires

CylancePROTECT Desktop

agent 3.1.1000 or later.