Skip to main content

Snow Inventory Agent for Windows 7

Here you can find the release notes for Snow Inventory Agent for Windows 7. You can find the old release notes on the Snow Globe.


7.2.0 latest

Release date: 2024-11-06

Enhancements

Service Control
(CDC-5352)

  • The agent service affinity can now be controlled via the agent configuration by using the process_affinity system setting. For more information, see configuration-doc.html. (SNOW-I-2760)

(CDC-5388)

  • A new service command sc control snowinventoryagent5 131 is available to only perform a scan and not send the snowpack. (IDEAS-I-2613)

Corrections

(CDC-5454)

  • A potential buffer overflow vulnerability, where supplying an update package signed by an AES key bigger than 16 bytes would lead to memory corruption, has been fixed.

7.1.0

Release date: 2024-10-02

Enhancements

(CDC-5320)

  • Internal libraries and dependencies required by Snow Inventory Agent for Windows have been updated.

7.0.3

Release date: 2024-08-21

Corrections

(SIT-3586)

  • The total memory size is now correctly calculated on 32-Bit systems (04768013).

7.0.2

Release date: 2024-06-19

Enhancements

(CDC-5243)

  • Snow Inventory Firefox Browser extension has been updated to version 1.0.5. Find more details in the Release Notes of the Firefox Extension.

7.0.1

Release date: 2024-05-08

Enhancements

Security
(CDC-5115)

  • The Command Prompt (cmd.exe) is now always referenced through the system directory, for instance C:\Windows\System32 to protect against arbitrary code execution.

(CDC-5116)

  • Further improvements to the way that the agent loads and utilizes DLLs have been made to ensure secure loading to prevent DLL preloading.

(CDC-5137)

  • The agent now uses Authenticode to verify the digital signature of the Java binary before executing it to protect against arbitrary code execution.

7.0.0

Release date: 2024-02-08

Compatibility
(SIT-3593)
Please refer to the Compatibility matrix for supported versions of 3rd-party systems.

New

Scanning Process
PowerShell Scripts
(CDC-5025)

  • Introduced the #MediumIntegrityLevel comment-style flag to control the requirement for medium integrity from within the PowerShell script. Scripts without this comment will be executed in low integrity.

  • PowerShell scripts, which require medium integrity, need to be signed with a valid signature.

Enhancements

Security
(CDC-5047)

  • This release includes security enhancements. Read more about CVE-2024-1149 and CVE-2024-1150 on Snow Globe.

Corrections

(SIT-3139)

  • An issue concerning a memory buffer that was not properly terminated has been corrected and as a result, random characters will no longer be included in the Device Name field in the .snowpack file. (04735241)

Deprecated

(CDC-5048)

  • Support for *.snow-ps1 PowerShell scripts has been removed. Read more about CVE-2023-7169 on Snow Globe.
  • Support for script decryption has been removed. The powershell.encryption_key setting in the configuration file has been deprecated.


Flexera does not own the third party trademarks, software, products, or tools (collectively, the "Third Party Products") referenced herein. Third Party Product updates, including user interface updates, may not be reflected in this content.