Release notes for UXM Desktop Agent and Browser extensions.
2024
UXM Desktop Agent 2024.11.28
Requires uxmapp 2023.10.31
Exe: https://download.uxmapp.com/windows/20241128/UXM_Desktop_Agent_x64_2024.11.28.exe
MSI: https://download.uxmapp.com/windows/20241128/UXM_Desktop_Agent_x64_2024.11.28.msi
Windows Store: https://apps.microsoft.com/store/detail/XP8LTPPJD8L070
New Features:
- [GPO] Create GPO settings for AD/Intune in ADM/ADMX files (#339)
- [GreenTerminal] ? not detected in KeyPressSequence (#337)
- Collect machine info from MS Active Directory (AD) (#299)
- [avd/rds] Capture Farm Name, Graphics, User Input Delay Per Session counters and detect RDP connections better (#126)
- [disk] Get and store Disk Serial Number from WMI (#360)
- [WiFi] Gather SSID from WiFi network conected to (#336)
- [EventLog] Capture and send Task Category, Keywords and Username (#346)
- Browser extensions send data as directly http / protobuf or both (#344)
- Browser extensions support basic monitoring (#343)
Bug fixes:
- Hang detection fails to find correct Process Name and Application because new Process Overlaps with Not responding on Windows 11 (#359)
- Product Version and Product Company is often empty due to invalid Langauge settings in process. (#332)
- [wmi] Hostname is empty and lookup_key invalid if agent fails to query WMI data
- [ProcessMonitor] Capture CPU/Memory usage for protected processes like msmpeng.exe (#365)
- [sync] Agent stops receiving config and send data if collector is down or returns 5xx errors (#368)
- [WMI] Windows 7 and 8.1 - Next failed on Win32_PhysicalMemoryArray with error 0x80041017 (#362)
Security fixes:
- [security] Upgrade curl from 8.9.1 t 8.11 to fix 1x Low (CVE-2024-9681), 1x Medium (CVE-2024-8096) (#367)
- [vulnerability] Curl 8.7.1 upgrade to 8.9.1 to fix low/medium severity vulnerabilies when released (#348)
- [vulnerability] Curl 8.6.0 upgrade to 8.7.1 to fix low/medium severity vulnerabilies when released (#325)
- [security] Upgrade Poco 1.13.2 to 1.13.3 (#329)
- [security] Upgrade libexpat from 2.6.2 to 2.6.4 to fix 1x High (CVE-2024-45490) 2x Critical (CVE-2024-45491, CVE-2024-45492) (#366)
- [security] Update to zlib 1.3.1 to fix CVE-2023-45853 (9.8 CRITICAL) (#370)
Versions in release:
Framework | Type | Version |
---|---|---|
poco | Static linking | 1.13.3 |
protobuf | Static linking | 3.21.11 |
OpenSSL | Static linking | 3.0.15 |
curl binary distribution under: C:\Program Files\Systemslab\UXM Desktop Agent\Monitors\curl | Binary distribution | 8.11.0 |
UXM Desktop Agent 2024.04.02
Requires uxmapp 2023.10.31
Exe: https://download.uxmapp.com/windows/20240402/UXM_Desktop_Agent_x64_2024.04.02.exe
MSI: https://download.uxmapp.com/windows/20240402/UXM_Desktop_Agent_x64_2024.04.02.msi
New Features:
- Reflection HLLAPI Helper app to support Green Terminal (#322)
- Capture Device status (#315)
- Monitors\installedsoftware.xml not updated on package installation/deinstallation, monitor AppX/MSI installs and uninstalls and update file (#296)
- [citrix] Capture citrix_euem_client_connect info and citrix_euem_client_startup.application_name for transactions data (#279)
- [transaction] MDI Child Forms capture Child Form that was clicked in (#320)
Bug fixes:
- [citrix] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Citrix\wfshell\TWI\LogoffCheckSysModules overridden, could cause Citrix sessions to not logoff correctly (#323)
- [bug] Poco::Net::uninitializeSSL crashes PCAgent.exe (#326)
Security fixes:
- [security] Upgrade Poco 1.13.0 to 1.13.2 (#324)
Versions in release:
Framework | Type | Version |
---|---|---|
poco | Static linking | 1.13.2 |
protobuf | Static linking | 3.21.11 |
OpenSSL | Static linking | 3.0.13 |
curl binary distribution under: C:\Program Files\Systemslab\UXM Desktop Agent\Monitors\curl | Binary distribution | 8.6.0 |
UXM Desktop Agent 2024.02.05
Requires uxmapp 2023.10.31
Bug fixes:
- Ping timeouts doesn't measure the timeout of 5 seconds in Time (#314)
- [monitors] Increase maximum concurrent monitors running from 16 to 30 (#316)
Security fixes:
- [vulnerability] Curl 8.5.0 upgrade to 8.6.0 to fix low severity vulnerability (#318)
- [poco] Update Poco to 1.13 (#317)
Versions in release:
Framework | Type | Version |
---|---|---|
poco | Static linking | 1.13.0 |
protobuf | Static linking | 3.21.11 |
OpenSSL | Static linking | 3.0.12 |
curl binary distribution under: C:\Program Files\Systemslab\UXM Desktop Agent\Monitors\curl | Binary distribution | 8.6.0 |
UXM Browser Extensions 2024.01.02
New Features:
- [javascript] Add Elastic and Splunk JavaScripts to Type and inject them via Browser Extension (#46)
- Send Lookup_key, hostname and ExtensionID, BrowserName, Collector used , support_ipc is enabled (#45)
- Send browser timings immediately for FleetWave iframe before it unloads after save operation
Security:
- [security] Change collector to read only field (#63)
- [security] Redirect data contains confidential token info (#53)
- [security] Remove unused tabs permission (#54)
Bug fixes:
- Increase Timeout for XHR calls to 3 minutes (#52)
Browser | Web Store Url | Extension Key |
---|---|---|
Chrome | https://chromewebstore.google.com/detail/uxm-web-performance-monit/iilkkemeagoeimfiklijgaeblnfpknlk?hl=en&authuser=0 | iilkkemeagoeimfiklijgaeblnfpknlk;https://clients2.google.com/service/update2/crx |
Edge | https://microsoftedge.microsoft.com/addons/detail/paebooopiahamjlhelhpjdfelgelclpi | paebooopiahamjlhelhpjdfelgelclpi;https://edge.microsoft.com/extensionwebstorebase/v1/crx |
Firefox | Awaiting deploy |
2023
2023.12.11 (requires UXMapp 2023.06.29-rc4)
New Features:
- [terminal] Allow Location/State change events to be captured/used for desktop profile transaction rules (#309)
- Ensure Desktop Agent sends all fields for determining endpoint group (add model, manufacturer, internal_ip) (#304)
- TCP Ping/Connect Tests store IP connected to for Round Robin DNS (#274)
- Collect machine info from MS Active Directory (AD) (#299)
Bug fixes:
- [ping] ICMPException on pinging host: x, ip: X.X.X.X, exception: No response: expected 40, received: 0 (#310)
Security fixes:
- [poco] Update Poco to 1.12.5p1 to fix [Error] Failed to load OpenSSL legacy provider when using OpenSSL 3 (#305)
- [poco] Update Poco to 1.12.5p2 (#312)
- [vulnerability] Curl 8.4.0 upgrade to 8.5.0 to fix multiple vulnerabilities (#311)
Versions in release:
Framework | Type | Version |
---|---|---|
poco | Static linking | 1.12.5p2 |
protobuf | Static linking | 3.21.11 |
OpenSSL | Static linking | 3.0.12 |
curl binary distribution under: C:\Program Files\Systemslab\UXM Desktop Agent\Monitors\curl | Binary distribution | 8.5.0 |
2023.11.02 (requires UXMapp 2023.06.29-rc4)
New Features:
- [exe] Renamed installer to include x64 in build name to indicate it's only for x64 machines, use the x32 MSI installer for x32/x86 bit machines
Bug fixes:
- [exe] Installer - Access is denied when upgrading PCAgentUI.exe or NativeMessageHost.exe due to Running or Session Mismatch in RestartManager (#297)
Security fixes:
- [security] OpenSSL 1.1.1 - EOL on 11th September 2023 - Upgrade to 3.0 LTS (#271)
Versions in release:
Framework | Type | Version |
---|---|---|
poco | Static linking | 1.12.4 |
protobuf | Static linking | 3.21.11 |
OpenSSL | Static linking | 3.0.12 |
curl binary distribution under: C:\Program Files\Systemslab\UXM Desktop Agent\Monitors\curl | Binary distribution | 8.4.0 |
2023.10.12 (requires UXMapp 2023.06.29-rc4)
New Features:
- [application usage] Capture executable Product version and store as dimension product_version under metrics uxm.monitor.process.foreground.* and uxm.application.foreground.* (#283)
- [stability] Set desktop PCAgent service to auto-restart after 15 minutes on crashes (#277)
Bug fixes:
- [crash] PCAgent!Monitor::Tasks::MonitorProcessTask::`scalar deleting destructor' in PCAgent!WMI::Cleanup (#281)
- [bug] Desktop agent crashes on machines that connects/disconnects from VPN/WiFi often (#280)
Security fixes:
- [security] Upgrade Visual Studio 2022 from 17.5 to 17.7.5 on build server (#290)
- [security] Upgrade OpenSSL from 1.1.1v to 1.1.1w that UXM links with from on build server. (#288)
- [security] Curl 8.1.2 upgrade to 8.4.0 to fix multiple vulnerabilities and 1x high (#287)
Versions in release:
Framework | Type | Version |
---|---|---|
poco | Static linking | 1.12.4 |
protobuf | Static linking | 3.21.11 |
OpenSSL | Static linking | 1.1.1w |
curl binary distribution under: C:\Program Files\Systemslab\UXM Desktop Agent\Monitors\curl | Binary distribution | 8.4.0 |
2023.08.14 (requires UXMapp 2023.06.29-rc4)
Features:
- Virtualization Monitor: Parse image version from C:\Personality.ini on citrix servers (#269)
- Endpoint Monitor: Capture monitors attached to windows endpoint (#270)
Bug fixes:
- fix: Logs spammed with EventLog: [Error] EvtNext failed with 6 (ERROR_INVALID_HANDLE 0x6 error) (#268)
- fix: PCAgentUI doesn't start when Citrix login is slow > 2 minutes (No processes found that could be duplicated), duplicating from processes
sihost
andtaskhostw
(#261)
Security fixes:
- security: upgraded OpenSSL to 1.1.1.v
2023.07.04 (requires UXMapp 2023.06.29-rc4)
Features:
- Desktop Transaction Recorder - Convert activities from other vendors to UXM Desktop Transaction Profiles.
- Virtualization Monitor: Send client_machine_name in metrics (#258)
Bug fixes:
- fix: fix duplicated collection of installed programs, installed programs is only send by endpoint monitor and not during agent registration. (#253)
- fix: Poco package - Don't sort returned IP list, breaks DNS Round Robin support and forcing all data to single Heavy Forwarder. (#265)
Security fixes:
- security: upgrade embedded curl 7.75 to 8.1.2 to fix multiple vulnerabilities. (#266)
2023.04.11 (requires UXMapp 2022.03.14)
Features:
- Application Usage detection for Java, AppX, Office and Prod/Test applications (#238)
- Endpoint Monitor - Capture Chrome crashes (#28)
- Hash username send to browser extension (#254)
- Installed programs only send each X days to limit data send from 10.000 agents (#253)
- Desktop Transaction Recorder - Monitor filter on 1 user session to avoid data from others (#248)
Bug fixes:
- Desktop Transaction Recorder - Support recording as non admin user on Citrix with AppLocker enabled (#244)
- Desktop Transaction Recorder - Store Sessions under Systemslab path (#207)
Security fixes:
- Disable NamedPipe for IE if not enabled. (#250)
- Upgrade Protobuf to 3.21.11 - Fix Denial of Service vulnerability (#242)
- Upgrade to OpenSSL 1.1.1t (#241)
- Upgrade Poco to 1.12.4 - Fix vulnerability in zlib and libexpact (#240)
2023.01.31 (requires UXMapp 2022.03.14)
Features:
- Network Scanner Monitor task - Query MAC, Hostname and MAC Vendor detection (#234)
- Allow Monitor processName to be regex, contains or starts with in Desktop profiles (#226)
- Process Monitor - Capture top memory heavy processes to detect who is using memory (#182)
- Update Root CA certificate file at each release (#205)
Bug fixes:
- Citrix sessions gets disconnected and logout get incorrect correlation_id (#228)
2022
2022.08.19 (requires UXMapp 2022.03.14)
Features:
- Support for new Edge and Firefox extensions sending data through UXM Desktop.
- Endpoint Monitor - Installed Software - detect AppX packages
Bug fixes:
- fix stack-based buffer overrun in PCAgent.exe and PCAgentUI.exe IPC and validate that NativeMessageHost dont send to large messages over 75 KB through IPC.
- MSI - Start PCAgent service after PCAgent.config file is written.
- Hosting Firefox extensions on UXM download server.
- Edge Browser Extension was added to incorrect key.
2022.06.24 (requires UXMapp 2022.03.14)
Bug fixes:
- Can't write PCAgent.config when deploying (Excluding predefined PCAgent.config file from installers)
- Desktop Agent not sending version due to permission issues reading it, hard-coded into code now
- Endpoint Monitor - MonitorEndpointTask: EvtSubscribe failed with 87 due to corrupted bookmark file.
- EventLog Monitor - The query ... is not valid - and prepended to EventIDs fixed
- Logon Monitor - Logon duration > 50000 seconds in Citrix due to timestamp being used in calculation from when ICA file was downloaded.
Features:
- Endpoint Monitor - Capture stability (Crashes, BSOD, Stop errors)
- Hyper-V Host collecting info about host machine is running on
- WMI data for TPM, Bios, Memory Slots, Video and Sound Devices
- Windows 11 detection
- VirtualizationMonitor - New monitor that monitors Citrix/RDS RemoteFX channel timings under the users context (PCAgentUI.exe process)
2022.05.19 (Release candidate 2, requires UXMapp 2022.03.14)
Bug fixes:
- ETW: Foreground Process monitoring disabled due to high disk/memory usage.
- Curl arguments not overriden --connect-timeout fails to override in arguments setup.
- Refactored and optimized Foreground monitor to cache process info and lower disk usage.
- Transactions - send WTS username to align with the endpoint monitor.
2022.03.14 (Release candidate 1, requires UXMapp 2022.03.14)
New UXM Desktop agent features:
- Default install path is C:\Program Files\Systemslab, C:\Program Files\MCG will be re-used if upgrading older agents.
- Process monitor - Enabled ETW tracing on Windows 8+ and capturing ForegroundInfo and Input/Message delays to detect applications that are freezing often.
- Endpoint monitor - Send all IP/MAC addresses, detect if WiFIi/LAN is used andif user is on VPN, resending endpoint info on network changes.
- IE11 - Capture visited FQDN and send to UXM via Low Mandatory Level NamedPipe.
- HTTP Client - Send MultiMessage each minute with all messages to avoid HTTP Headers overhead when sending multiple messages to UXM collector each minute.
Bug fixes:
- Keyboard monitor - Disabled AttachThreadInput and GetFocus, it caused delays in programs that communicates with monitored programs via SendInput Windows Messages. (Barcode readers, Browser Integrations, 3D Mouses with Macro/Hostkeys)
- Automation UI/MSAA: Disabled UIAutomation from ObjectShow events, it causes Excel to use 100% CPU and freeze for 3 minutes when working with filters in large 10MB Excel files.
- Curl monitor - Limit logs and response data to 10KB to avoid sending 300~1000 KB logs at each failed Curl run.
- NamedPipe - Use OverlappedIO IPC instead of CompletionRoutines to avoid handle leaks that where detected on large Citrix servers with many daily connecting users, currently fixed to maximum of 25 PCAgentUI.exe processes that can communicate with PCAgent.exe service.
- Perfmon monitor - Clear old counters before re-adding to avoid handle leaks.
- Use RAII to avoid HANDLE leaks in Process monitoring.
2021
2021.12.06
New UXM Desktop agent features:
- Migrated CPU/Memory and crashes to Endpoint monitor that monitors all Endpoint metrics to avoid needing to setup and maintain 2x separate EventLog and Perfmon monitors.
- Citrix/RDS: Collecting channel metrics to detect why latency is slow or unstable.
- Active Directory: Collecting user information from Active Directory when user logs on.
- Logon timings are calculated for Local, RDP and Citrix logons including sub timings for GPO, Profile and Logon script.
2021.08.24
New UXM Desktop agent features:
- Updated code signing certificates.
- Only remove Chrome extension on upgrade/uninstall if it was forced installed to avoid conflicting with GPO's that's deploying the UXM Chrome extension.
- Role, ParentRole and State are now recorded in english and new Localized fields are added. Ease the profile creation for supporting Windows 10 in multiple languages.
The localized language is determined by Windows 10 language settings and installed language package.
Desktop Transaction Profile Recorder
- Increased logging, log files are stored under C:\ProgramData\MCG\UXM PC Agent\Logs.
- Added status of PCAgentUI.exe process that measures transaction, making it possible to restart it when profiles are updated.
2021.08.04
New UXM Desktop agent features:
- New Desktop Transaction Profile Recorder for easing the transaction testing and creation.
- Start/stop profile transaction events in different applications, makes it possible to start measuring in Chrome and finish when Word has loaded document.
- Disable ObjectNameChange, ObjectValueChange, ObjectFocus via profiles for IE and other apps where the events causes delays in collection/timings.
- Gzip/Deflate data send to Splunk HEC collector
Beta features:
- Logon calculation for Desktop/RDP/Citrix
- Battery wear
- MSI installer - Please note that old EXE installer have to be uninstalled first, there is no migration path, so is mainly used for new customers.
2021.06.09
UXM Desktop agent fixes:
- IIS collector fails with HTTP Error 411. The request must be chunked or have a content length when sending files.
2021.05.21
UXM Desktop agent fixes:
- Configure capture FQDN flag send to browser extensions.
- Foreground info polls every 5 seconds and checks if apps is hung / not responding.
- Capturing last_reboot from WMI.
- Allow agent to send log files when requested.
2021.03.23
UXM Desktop agent fixes:
-
IE11: Support enhanced protected mode
- Unique machine UUID was re-read and appended to each night making it longer
2021.02.17
UXM Desktop agent fixes:
- Process monitoring has been moved to Process monitor task and optimized to send top 5 cpu utilizing processes and monitored apps.
- Curl monitor - Curl has been upgrade to version 7.75.0 and issues with parsing status_code and timeouts have been fixed.
2021.01.29
UXM Desktop agent features:
- Generate and send unique machine UUID to replace nodeKey in future version.
- Sending data as HTTP1.1 instead of HTTP1.0
UXM Desktop agent fixes:
- Security Vulnerability: Service path was unquoted, see: https://www.commonexploits.com/unquoted-service-paths/
- ForegroundInfo: Incorrect mapping to Installed programs if programs where installed under C:\ or C:\Program Files.
Chrome/Firefox browser extension:
- Sending info about host/endpoint that browser runs on and user executing browser.
- Support for sites running CSP (Content Security Policies), extensions now send info in content_script.js to avoid being blocked.
- Detects if user are unable to connect to website (DNS error, TCP Timeout, etc)