Version 9.4.4
Detection Improvements
- LLAM-7335: Improved detection of malware detecting the presence of known hypervisors via CPUID instruction.
- LLAM-7313: Improved detection for samples that overrides SEH with a custom handler.
- LLAM-7057: Improved detection of XLSB documents that make use of malicious formulas.
Bug Fixes and Improvements
- LLAM-7173: Fix to an issue where phishing denylist could not be updated when an appliance was behind a proxy
Deprecation of API Methods
No additional API methods are being deprecated or discontinued in this release.
The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.
Released Appliance Versions
As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Analyst On-Premises and Lastline Detonator On-Premises:
- Lastline Analyst version 1110.7
and for Lastline Detonator On-Premises:
- Lastline Manager version 1110.7
- Lastline Engine version 1110.7
Released Sandbox Images Versions
The sandbox images version will remain at 2020-03-13-01.
Distribution Upgrade
Version 9.4.4 will be the final version that supports Ubuntu Xenial as the operating system distribution. In all future releases, Ubuntu Bionic will be required. To support this distribution upgrade, 9.4.4 will support both Ubuntu Xenial and Ubuntu Bionic. Before upgrading to any future version, appliances on Ubuntu Xenial must be upgraded to Ubuntu Bionic while running version 9.4.4. The upgrade of the distribution will require a reboot and may take up to an hour to complete.
You can check the distribution in use by an appliance in the Appliance Status view of the portal. The "Base Distribution" listed should be "bionic". If it is "xenial", the appliance distribution needs to be upgraded.
For help on the upgrade process, please refer to the following instructions. This update is not done automatically to prevent unexpected downtime.