May 31, 2018
Changes made to the Anti-rootkit API:
- Now the component is able to read, parse and scan UEFI firmware code.
- Behaviour analysis and threat neutralisation routines incorporate machine-learning technologies.
- Enhanced behaviour analysis for running processes (fewer Preventive Protection false positives).
- Improved detection for active infections (latest threats).
Changes made to the Dr.Web Net filtering Service:
- The resolved issues involving FTP connections include:
- An issue that prevented Acronis True Image 2018 from using an FTP server as a backup destination.
- An FTP server being inaccessible over CyberDuck.
Changes made to the updating module:
- An infinite loop issue that could arise after code 407 (Proxy Authentication Required) was repeatedly returned by the Dr.Web updating server has been resolved.
- Improved routines for interaction with update servers and mirrors.
Changes made to the Control Service:
- An issue that prevented system restart from being initiated via a corresponding Dr.Web notification under a standard user account has been resolved.
- Also eliminated, was a defect that prevented notifications on outdated virus databases from being displayed in Windows Security Center if sleep mode was activated.
- An issue that prevented the service from starting if the Dr.Web Scanning Engine operation was disrupted upon launch has been resolved.
- Protection components status information and the updating schedule are now saved correctly when sleep mode is toggled on and off.
- Faster threat detection and neutralisation.
Changes made to the scanner:
- An issue involving a custom scan list being cleared after system restart has been resolved.
- Correct text is now displayed in the statistics about threats to which the "Ignore" action was applied.
Changes made to the Dr.Web File System Monitor:
- A defect involving scan exception settings being disregarded for the applications launched from shared network folders has been corrected.
Dr.Web Net Filter for Windows driver and Dr.Web Firewall for Windows driver:
- New WSL application features under Windows 10 (update 1803) are now supported.
Changes made to the Firewall:
- The packet filter can be toggled on/off.
Changes made to the Agent:
- The option to block devices by a specific bus is now available in the Devices section.
- The packet filter can now be toggled on/off.
- Symbols "/" and "-" can be used to define regular expressions and IP address ranges in the firewall packet filtering rules.
- Minor tweaks in packet filtering settings.
- The information about detected malware also includes data about complex threats that have been disarmed during a background scan.
- The Quarantine Manager provides information about objects whose recovery requires a system restart.
- An issue that interfered with recovering files that were moved to the Quarantine from a disk root directory has been resolved.
- Also corrected, was a defect that caused the UI to freeze if multiple threats were neutralised in a short period of time.
- Minor Quarantine Manager UI tweaks have been introduced.
- An issue that prevented the drop-down menu and pop-up tips from being displayed correctly under Windows Vista has been resolved.
- The update also delivers minor UI tweaks in the statistics section.
- The UI elements are more clearly visible when high contrast Windows themes are being used.
- An issue preventing a OneDrive directory from being displayed correctly in the application's dialogue boxes under Windows 10 has been resolved.
- Now WSL applications can be selected in the browse dialogue when a firewall rule is being created under Windows 10.
- System restart prompts are no longer displayed to users who don't have sufficient privileges to perform the action.
- An issue interfering with scrolling through the list of available languages has been fixed.
Changes made to Dr.Web Security Space, Anti-virus for Windows setup:
- Detection of existing ESET anti-virus installations has been improved, so users can be warned about compatibility issues when Dr.Web installation is being started.
- Now Dr.Web installation can't be started if the product was previously removed without a system restart.
- The Dr.Web plugin for MS Outlook is not listed as an installable feature if the respective application is not present in the system.
Changes made to the Dr.Web plugin for MS Outlook:
- Now the plugin loads faster when MS Outlook is being launched.
Changes made to Dr.Web Device Guard for Windows:
- Now selected device classes can be blocked for a specific bus.
Dr.Web Security Space and Dr.Web Anti-virus user guides have been updated, too.
The update will be performed automatically; however, a system reboot will be required.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.