Malicious indicators are now included in Threat Emulation report for HTML files identified as malicious, providing clearer context for threat analysis
Password handling for encrypted 7z archive files has been improved to enable more reliable detection and extraction
Expanded file type support for .VBE, .VBA, .URL, and .WEBSITE files
False positive detections caused by attempted directory traversal in archive files have been resolved
Resolved an issue where some emulation requests for Windows 11 image via Threat Prevention API returned a 'NOT FOUND' response
Fixed a bug that prevented correct enforcement of user-defined blocking policies for password-protected Office documents and PDF files
15 Apr 2025
11.27
60.990002092
Screenshots of malicious PDF files are now displayed in the Threat Emulation report for improved threat visibility
New version of Yara introduces enhanced capabilities for static file analysis
Anti-Virus logs for all malicious files submitted via TP API are now viewable in Smart Console
Fixed a bug where Anti-Virus API requests scanning archive files would sometimes return a 'NOT FOUND' result
15 Mar 2025
11.26
60.990002045
Full emulation support for JavaScript files is now available when some required conditions are met (currently in cloud mode only)
Enhanced classification of Linux .ELF files
15 Feb 2025
11.25
60.990002008
Enhanced incrimination logic for "In Context Emulation" (refer to In-Context Emulation: Advanced Malware Detection). Archives containing correlated EXE and DLL files that trigger malicious activity will now be blocked, even if the EXE is recognized as legitimate software
Resolved a crash in Archive Tool process, which could occur in specific edge cases during extraction
15 Jan 2025
11.24
60.990001046
Enhanced logic is now used to determine which PDF files undergo full emulation. A greater number of suspicious PDF files will be emulated, ensuring improved accuracy
Resolved a rare crash that could occur while scanning a high volume of large files simultaneously
