Arc 1.6.0
The release notes for Arc version 1.6.0.
Resolved issues
A list of all the issues that have been resolved in this release.
- Arc-413: The Local Configuration UI is now protected by an authentication mechanism with an OTP generated at startup.
- Arc-414: Fixed a vulnerability that might be exploited on Linux or macOS to execute arbitrary code.
- Arc-415: Permissions on arc.json are now more restricted preventing access for standard Windows users.
- Arc-416: Arc is now resilient to zip-slip vulnerabilities.
- Arc-425: Improved the robustness of the parser for evtx logs.
- Arc-452: Fixed an issue that prevented the matching of Sigma rules containing null information in a field.
- Arc-481: Fixed a sporadic crash in the Windows executable.
- Arc-493: Fixed a missing library problem for Windows 7.
- Arc-496: Fixed sporadic false positive matches in the Sigma engine.
- Arc-519: Fixed a problem related to Sigma rules synchronization.
- Arc-520: Fixed a problem in the traffic monitoring feature that caused packets greater than 1500 bytes to be truncated.
New features
A list of new features that have been introduced in this release.
- Arc-334: A FIPS-enabled Arc executable is now available for Windows, supporting Windows version 10 or above. For the steps required to enable a full FIPS Nozomi installation, see the Administrator Guide.
- Arc-398: A Microsoft Software Installer (MSI) file is now available from the Sensors page for installing Arc under Windows. The existing .zip archives for Windows are still available, allowing for Offline executions.
- Arc-437: Arc now reads the local ARP table in order to discover neighboring nodes and confirm their MAC addresses. There is a dedicated checkbox in the local UI to enable this data extraction.
- Arc-440: The buffering data capability is now supported by better UI messages telling the user whether buffering is happening, in order to actively troubleshoot the lack of connectivity.