Upgrade to access new and enhanced features. Latest SHA256 release checksums - filecloudupdate.zip d027150bb62b927f0e1cc1e4408d922a8d0d2240c643e2c87fadd2c51fe52b02
- FileCloudSetup.exe d485bb6bb523dbb9021de6802002df632de7a9a470344f1c8681ff9e583e2a60
Security Advisories
- PDPL Compliance added to Compliance Center - Saudi-based Personal Data Protection Law (PDPL) compliance has been added to the Compliance Center.
- NIST 800-171 Compliance added to Compliance Center - The Department of Defense's National Institute of Standards 800-171, which must be met by defense contractors and other federal agencies who handle controlled unclassified information (CUI), has been added to the Compliance Center.
- Secure Web Viewer (Beta version) - File shares that require Digital Rights Management (DRM) can now be created from the Share Link window by choosing the permission option "Allow anyone with Secure Web Viewer link and a password." When a share recipient clicks the link, they are shown the file in FileCloud's new Secure Web Viewer which has DRM capabilities.
- Smart Classification has a new simpler user interface that includes an AI classifier that enables content matching using broader categories.
- Advanced Telemetry (collection of product usage data) - On FileCloud installation and update, admins can now agree to share product usage data with FileCloud.
PDPL Compliance Added to Compliance CenterWith Version 23.232, FileCloud adds Saudi Personal Data Protection Law (PDPL) to the list of regulations that can be monitored and configured in the Compliance Center. The Saudi PDPL became active in September, and includes a set of rules that must be followed to protect personal data processed and transferred by Saudi companies or companies handling Saudi data.
NIST 800-171 Compliance SupportIn addition, FileCloud has added NIST 800-171 compliance to the regulations covered by the Compliance Center. NIST 800-171 is a US compliance that regulates how controlled unclassified information (such as personally identifiable information and proprietary business information) is shared, and what details must be made available to subjects about their personal information. Secure Web Viewer (Beta version)FileCloud introduces its Secure Web Viewer which enables users to publicly share files while ensuring they are DRM-protected. When a user shares a jpg, png, pdf, docx, or pptx file, a new sharing permission, Allow anyone with Secure Web Viewer link and a password, now appears in the Share Link screen. When a user chooses this permission, a share link that accesses the Secure Web Viewer is created along with a password for opening the shared file in the Viewer. If Enable Protected View was checked when the share was created, small portions of the screen can only be viewed at a time using a moveable lens.
Secure Web Viewer option in Share link dialog box.
Viewing a file in the Secure Web Viewer in protected view.
Updated Smart Classification User Interface with AI ClassifierThe new Smart Classification user interface includes a code-free three-step wizard that makes it fast and easy to create a rule. In addition, a new AI classifier has been added for finding broader ranges of results.
New Smart Classification user interface with AI Classifier selected. The new Smart Classification interface also includes a testing function that enables you to test if your classifier can successfully match patterns.
Advanced Telemetry (collection of product usage data)
FileCloud is now collecting product usage data for FileCloud Online trial deployments. Admins also have the option of sending product usage data to FileCloud during Server trial deployments, and after conversion of Online and Server trial licenses to product licenses. On initial admin portal login to FileCloud Online trial deployments, only the first screen below appears. On initial admin portal login to FileCloud Server trial deployments and after conversion of all trial licenses to product licenses, the two screens below appear as a wizard in the admin portal, and enable admins to opt in or opt out of sending product usage data to FileCloud.
Product usage data helps FileCloud improve the product and enhance it to meet current users' needs, and includes information such as features enabled and number of users and shares.
UI Changes in FileCloud 23.232User Portal
- If viewing through the Secure Web Viewer is available and enabled, when jpg, png, pdf, docx, and pptx files are shared, the Share Link dialog box now includes the permission option Allow anyone with Secure Web Viewer link and a password.
- In Automated workflows, the Share Event trigger now displays the new option If a share is created or updated or share content modified.
- In Automated Workflows, condition queries no longer display the Var option until the user has added a Workflow variable.
Admin Portal
- On the Settings > Misc > General tab, the Enable WebDRM checkbox now appears at the bottom of the page. When enabled, users have the option of sharing files only with users who have the share link and the Secure Web Viewer password.
- On the Settings > Server tab, there is now now a setting for disabling and enabling the collection of usage data for rich telemetry analysis.
- The Settings > Policies > User Policy tab now shows the settings Require Admin Approval for Device Authentication and Enforce Session Timeout for Devices as grayed out (disabled) unless the previous setting, Enable Code Based Device Authentication is set to YES, since they cannot function unless it is enabled.
- The Settings > Third Party Integrations tab now includes an AI sub-tab for enabling and configuring use of AI in Smart Classification.
- When admins add an S3 Compatible Bucket type of Network Folder, they now have the option of choosing whether to use the IAM Role or the S3 Key and S3 Secret to connect to S3 bucket.
A checkbox for changing the option is also available now in the edit dialog box for S3 Network Folders from the Manage Network Folders screen, and from the Storage > My Files screen when S3 Compatible storage is configured.
- A Disable Notifications setting for S3 Network Folders has been added to the edit dialog box.
- In the admin portal, on the Settings > Misc > General page, an Enable WebSocket checkbox now appears. When enabled, push messaging occurs if the service is enabled for FileCloud Server users.
Client apps- A Comments field now appears in FileCloud for Office:
- DocIQ is no longer supported in FileCloud; instead, FileCloud for Office, which replaces DocIQ, is supported. Prior users of DocIQ can continue to use it in FileCloud Sync and FileCloud Drive, and still have the option of upgrading Sync and Drive with DocIQ.
DocIQ will be fully deprecated and become unavailable within the next year. - Beginning with new installations of version 23.232, the terms of service link has changed. The default terms of service are automatically changed for new installations. Although the prior link will automatically be directed to the new page in earlier installations and upgrades, if you are upgrading from a version of FileCloud prior to 23.2, we recommend that you change change the Terms of Service link to: https://www.filecloud.com/eula/
- If you have folder-level security (granular folder permissions) enabled in Settings > Misc > General, changes in functionality will significantly impact the way existing share behavior works when you upgrade from versions below 23.1 to FileCloud 23.x and higher. If you have granular folder permissions set, please contact FileCloud Support before upgrading to FileCloud 23.x and higher to avoid share and file access issues.
- If you are upgrading from an environment using Solr or Solr+OCR, you must perform additional steps after upgrade. See Upgrade Notes for FileCloud 23.232 or Later for instructions on adding these steps.
- If your system runs on RHEL9, depending on the state of the operating system, the OpenSSL workaround configuration that prevents licensing and log-in issues may be removed after upgrading the system. After upgrade please verify that your workaround code still appears in the openssl.cnf file, and if necessary, add it to the file again. For information about the workaround code and where it should appear in the openssl.cnf file, see Known Issues.
- If you are using native LDAP for authentication and using non-TLS connections set the LDAP Host value to ldap://hostname. Older FileCloud versions supported host value without the protocol definition ldap://
|
EnhancementsReference Number | Area | Feature | Notes | Server |
|
|
| CL-14063 | Audit | FileCloud Desktop has been added as an agent that audit logs can be filtered on. |
| CL-13319 | Authentication | To reduce possibility of user enumeration, all authentication failure messages (except 2FA) have now been standardized as "Invalid Username or Password. Password is Case Sensitive." |
| CL-13130 | Automated workflows | A new workflow trigger, "If a share is created or updated or share content modified," has been added to enable users to send shares back for approval if the file shared is modified. |
| CL-12973 | Automated workflows | For clarity, variable names for the user who started the event are now prefixed with "Started by User" instead of "User." |
| CL-13017 | Automated workflows | Now, when a share approval workflow is active and a share is created, if Send Email is checked for an invited user the email is sent after the share is approved, not when the share is created. In addition, if the share creator attempts to send an email when editing the share, a notification indicates that the message cannot be sent. |
| CL-13687 | Download | When downloading multiple files as a zip file, the zip file name and its text file contained the word "FileCloud." Now "FileCloud" is replaced with the value in Settings > Service > Server Name. |
| CL-13108 | Previews | Three new values are available for including in watermark previews: ^SHARE_OWNER^, ^FILE_OWNER^, and ^OWNER^, where ^OWNER^ is the user who shared the file if the file is shared, or the owner of the file if the file is not shared.
|
| CL-13112 | Search | Some searches and reports were taking too long to process. Their speed has been improved. |
| CL-13967 | Search | A new setting enables user interface searches to begin from the current path shown on the screen but also give users the option of performing a global search. |
| CL-13637 | Settings | An admin portal setting has been added to Misc > General settings for enabling or disabling push messaging. |
| CL-13766 | Shares | In share emails, a share owner can now check a box in the advanced Customize Email screen to send themself a copy of the email. |
| CL-13494 | Team Folders, Share emails | For added security, when an admin shares a Team Folder with a user, the admin can no longer add or edit From, Reply to, and BCC fields in the email. |
| CL-13146 | Workflows | The "If a new user is created" workflow now includes an optional flag to automatically mark email verification as complete so users can log in immediately. |
| CL-13179 | Workflow | A new workflow has been added that performs a specified action on user accounts created before a certain date. Parameters considering users who are inside or outside of a certain domain have also been added to this workflow and to the "if a user's last login is older than" workflow. |
| Drive/Drive for Mac |
|
|
| CL-13110 | 2FA | When users logged in to Drive using 2FA, then logged out and logged in again, they were not required to enter a 2FA code. Now users are required to enter a new 2FA code on re-login. |
| Drive for Mac |
|
|
| CL-13897 | macOS | Drive for Mac now supports macOS 14 (Sonoma). |
| FileCloud for Office |
|
|
| CL-13757 | Comments | The ability to add comments to a file has been added to FileCloud for Office. |
|
Bug Fixes Reference Number | Area | Description | Server |
|
| CL-14141 | 2FA | The setting "Enable Two Factor Authentication For Admin Logins" at Settings > Admin was not being honored for promoted admin users. This has been fixed. | CL-13227 | AD | When admins imported groups from AD, only the first 1000 groups appeared in the list and could be imported. This has been fixed. | CL-13170 | Audit log | A problem causing the audit log to show two records for an action that occurred once has been fixed. | CL-13690 | Audit log | An issue preventing audit logs from being exported has been fixed. | CL-12994 | Auto-archive | When an error prevented a temporary audit-archive db collection from being deleted, auto archive failed because the new one couldn't be created. This has been fixed. | CL-13682 | Automated workflows | For a File Approval workflow requiring approval for a new folder, the approval page attempted to show a preview of the folder which failed because folders cannot be previewed. This has been fixed; the page now displays the folder path instead of attempting to show a preview. | CL-12973 | Automated workflows | Although workflow variables existed for users who performed the action triggering the workflow, they were not properly labelled. The labels now begin with "Started by User . . ." instead of "User . . ." so they can be identified. | CL-13127 | Customization | Custom code provided for headers and footers caused problems with the user interface. This has been fixed by adding new tabs for Custom Header and Custom Footer HTML in the Customization screen. | CL-13974 | Device authentication | In Settings > Policies > User Policy, the settings Admin Approval Required for Code Based Authentication and Enforce Session Timeout for Devices are now only enabled if the setting Enable Code Based Device Authentication is set to YES since they only function if it is enabled. | CL-13478 | Downloads | Some single file shares of encrypted zip and mp4 files failed to download unless the default max execution time was increased. This was fixed, and these files now download within the default max execution time. | CL-13374 | Downloads | An issue enabling users who only had preview permission for PDFs to download them has been fixed. | CL-13957 | Email | The Secure Cookie Setting warning appeared in the Daily Admin Summary email. The warning has been removed from the email. | CL-13654 | Email | The Daily Admin Summary email displayed "Mod Proxy HTTP Apache Check Failed" although the check did not fail. This has been fixed and the inaccurate failure warning no longer appears. | CL-13814 | FFO | In some builds, when Sync or Drive was updated and FFO was chosen, the option to enable FFO in the app did not appear. This has been fixed. | CL-13842 | File/Folder names | File and folder names with tab characters in them were causing issues with syncing and other operations. To resolve the issue, tab characters are now replaced with blank characters. | CL-11938 | Folder move | While a large folder was being moved into another folder and another operation occurred on one of the folders, the operation could fail and data could be lost without warning. This has been fixed so that both processes are not performed simultaneously and an error message tells the user that the second operation cannot yet be performed. | CL-13801 | Folders | Folders with numerical names were allowed to have trailing spaces which caused file uploads to them to fail although they were noted as successful. To fix this, FileCloud now removes leading and trailing spaces from all folder names. | CL-13679 | Logs | An issue causing Linux server logs to fail to close has been fixed. | CL-13562 | Reports | Report generation of the "Get download files" report failed when there were a large number of files. This has been fixed. | CL-13500 | Recycle bin | When the user policy option "Enable Recycle Bin Clear Feature" was set to NO, although users should still have been able to delete files individually, they could not. This has been fixed. | CL-13966 | Search | The user portal was not returning partial results as long running searches ran. This has been fixed. | CL-13140 | Shares | Emails sent for public shares with passwords were missing the recipient name in the subject and incorrectly had an unsubscribe link at the bottom. These issues have been fixed. | CL-13820 | Shares | A scenario in which groups but not users could be selected in a share has been fixed. | CL-13884 | Shares | Admins were unable to save a letter as upper-case when they changed a share link in the admin portal. This has been fixed. | CL-13776 | Shares, previews | On view-only shares of PDFs, previews showed a print button that did not work. Now view-only shares of PDFs do not show a print button. | CL-13883 | Shares, Team Folders | A problem causing the invite users and groups options to not appear in the share screen for Team Folders when "Disallow default share settings change" was set to "Yes" in the Team Folder policy has been fixed. | CL-13578 | Team Folders | When a user who shared files in a Team Folder had their access to the Team Folder revoked, all sharing details were not removed, so a share link with the same custom name could not be created. This has been fixed. | CL-14017 | Team Folders | For Team Folders in the admin portal, the "Check Access" function did not show the correct permissions under certain conditions. This has been fixed. | CL-13663 | Team Folders | When users tried to upload multiple folders to Team Folders, only some of the folders were uploaded. This has been fixed. | CL-13657 | Upload | Uploads of empty folders were not successful. This has been fixed. | CL-13532 | User portal interface | On Google Chrome version 114.0.5735.91, the show password icon did not appear correctly. This has been fixed. | CL-13226 | User portal interface | When a user selected a folder and edited its share and then clicked OK in the share link dialog box, although the details panel showed the folder's details it displayed the name of its parent folder. This has been fixed. | CL-14099 | User portal interface | A problem causing the Security tab in the right panel to sometimes disappear has been fixed. | Security |
|
| CL-13864 | Automated workflows | Checks for unsafe data in input fields in automated workflows were not rigorous enough. This has been fixed. | CL-13595 | 2FA | Admin 2FA codes were able to be used more than once. This has been fixed by invalidating codes after they are initially used. | CL-14168 | ACL | Users without manage permissions for a folder were able to view the Security tab in the user portal and manage the ACL. This has been fixed by hiding the Security tab when the user does not have manage permission for the folder. | CL-13767 | Backup | The FileCloud version number was exposed in the file manifest file of the backup agent which could make FileCloud vulnerable to attacks. This has been fixed. | CL-13727 | Folder rename | A rename to a folder could be configured to create a popup notification that could cause an XSS vulnerability. This has been fixed. | CL-14024 | Logout | Actions were able to be performed in certain client apps after users logged out. This has been fixed. | Drive and Drive for Mac |
|
| CL-13180 | 2FA | After logging into Drive, if a user enabled 2FA and then restarted Drive an error occurred. This has been fixed. | CL-13834 | AutoCAD | Attempts to import layout sheets in AutoCAD failed because the files did not appear in the Import Layout dialog box. This has been fixed. | CL-13543 | Certificate file | SSL certificate files in Drive have been updated to enable all users with valid certificates to log in. | CL-13962 | Login | Users were unable to log in to Drive after updating their passwords from AD. This has been fixed. | CL-13707 | Mass deployment | When Drive was installed with mass deployment, the maxdownloadsizeinmb parameter was not applied. This has been fixed. | CL-13651 | Opening files | An issue causing Drive for Mac to crash when opening certain xlsx files has been fixed. | Sync |
|
| CL-13790 | Proxy | When a user logged in to Sync with a proxy, some actions caused the application to freeze. This has been fixed. | CL-13789 | Sync Selected Folders | If the Sync Selected Folders option was selected, when the Sync dashboard was opened and the Cloud Storage tab was clicked, the selected folders were not initially listed. This has been fixed. |
Server-only Bug FixesReference Number | Area | Description |
---|
Server |
|
| CL-13872 | ICAP | The ICAP server was deleting files that caused 4xx and 5xx response codes even if the files were not infected. This has been fixed. | CL-13653 | Network Folders | An S3 Network Folder named "0" did not show the correct content. This has been fixed. | CL-13662 | Network Folders | A problem causing the folders and files in Network Folders to all list January 1, 1970 as their modified date has been fixed. | CL-13611 | Network Folders | When shares were removed from the Shared by Me section in Network Shares, a refresh was required to remove the shares from the browser. This has been fixed so that the shares are no longer shown once they are removed. | CL-13708 | Push Server | When the Push Server failed to start, it continuously attempted to restart. This has been fixed so that after failure to start, the service ends and does not attempt to restart. | CL-13729 | S3 Network Folders | An option to disable notifications for Amazon S3 Network Folders has been added. | CL-13593 | Search, Network Folders | An issue causing searches in Network Folders with large numbers of indexed items to return no results has been fixed. | Security |
|
| CL-13748, CL-13859 | OpenSSL | Due to security issues with the installed OpenSSL versions, the version of OpenSSL has been updated. | ServerLink |
|
| CL-13844 | Path normalization | ServerLink nodes were overriding the original normalization form for files and folder names, causing sync errors. This has been fixed so that ServerLink now synchronizes strings in their original normalized format. | Drive |
|
| CL-13841 | Modified dates | An issue causing different modified dates to appear for Network Folders in Drive than in the user and admin portals has been fixed. | CL-13007 | UNC Network Folders | Trailing slashes in path arguments caused renaming of folders to fail. This has been fixed. | FileCloud for Office |
| | CL-13750 | Network Folders | If the Network Folders Display Name was changed, when the user opened FFO, the system hung and displayed the error "Fetching file info." This has been fixed. | Sync, Drive |
| | CL-13769 | Port binding | Port 34540 was bound to all network interfaces, but should only have been bound to localhost (127.0.0.1). This has been fixed so that port 34540 is now bound only to localhost. | ServerSync |
|
| CL-14034 | NTFS permissions | When a user imported permissions using ServerSync from a subfolder in Windows with the NTFS permissions read, execute, and list to a Team Folder, it should only have imported read permission, but it added share and manage permissions also. This has been fixed. |
|