Product Update 4.14.3.0 - March 25, 2025

The Mandiant Security Validation (MSV) team is pleased to announce version 4.14.3.0 of the MSV platform. 

Enhancements

  • Added a new user group right that allows for content export without any other settings permissions.
  • Added support for multiple X-Header key/value pairs in Email Classification Settings.
  • Simplified the Actor security update process in the web interface.
  • For Google Chronicle Backstory MSI integrations, added the ability to save the Last Run Query and view the Last Run Query in the Settings > Integrations > Test window.

Bug fixes

  • Fixed an issue related to Protect Theater package dependencies in security updates.
  • Fixed an issue where security updates were not applying to Network Actors.
  • Fixed an issue where a Windows 10 VDI-based Actor reported intermittent operational status failures.
  • Fixed an issue where the AEDA configuration page wouldn't load if an Actor that was used in AEDA monitors was removed.
  • Fixed an issue where some restricted files couldn't be downloaded.
  • Fixed an MSI Splunk integration issue where multiple alerts were returned by a query, but only the last result showed in the Job results.
  • Fixed an MSI Splunk integration issue where the Correlation Query Time couldn't be edited.
  • Fixed an issue where Job filter times had discrepancies in the web interface.
  • Fixed an issue where a scheduled Action couldn't be changed from Run Once to Repeating.
  • Fixed an issue where Protected Theater was generating new interfaces for the virtual interface.
  • Fixed an issue where Protected Theater hung and did not recover when Monitor Outbound Connection was enabled.
  • Fixed a Rapid7 integration issue where an empty logset name could not be deleted.
  • Fixed an issue in Report Builder where a CSV export of a table missing Job Action Results resulted in Errored records.
  • Fixed an issue where Directors were reporting low disk space after an upgrade.
  • Fixed an issue where using certain unicode characters in Actions resulted in a crash with exceptions.
  • Fixed an issue where a Protected Actor was unable to ping with ICMP rules in place.

Known issues

  • Local Event Filtering works as expected but is limited to Match Action, Match Integration, and Match Events (when the latter involves Raw Events). If a rule has a Match Event condition for any field other than Raw Event, the rule does not apply to Local Events. It only applies to events from standard local integrations in MSV.
  • Network configuration may reset unexpectedly. To resolve the issue, run vsetnet after the upgrade with static IP addresses for one or more interfaces.

Appliance OS Security Update

The latest platform security update can always be found on the Validation Section of the Docs Portal. This security update applies to all versions of the product and is cumulative.

Important Installation Notes

Minimum Director version 4.12.0.0 or higher is required to upgrade to version 4.14.3.0.

To download documentation and software (appliance images, installers, and update packages) visit the Validation Section of the Docs Portal. For full details on how to upgrade, see Updating Security Validation Components.

© Copyright Mandiant. All rights reserved
  • First Published: March 25, 2025
  • Last updated: March 25, 2025
In This Article
Related Articles
  • None
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.