Release notes

New features and enhancements in this major release:

• URL Protection now secures custom fields and objects in Salesforce (this feature is in technical preview, please contact our Customer Success team for assistance)
• Detect and block malicious URLs inside file attachments (requires Advanced Threat Analysis to be enabled)
  
• Detect and block hidden threats in shortened URLs

Fixed issues:

• Rich preview links for URLs updated to match the latest Salesforce domain list
• Performance of URL and File reputation checks enhanced 
• App resiliency bolstered with improved retry mechanism and clearer scan status messages
• Resolved issue with missing email alerts for detected harmful content
• Corrected occasional failures in file scanning and reputation assessments
• Addressed performance issues caused by large volumes of records in the AFSC__FSLink__c object
• Enhanced the email notification system for better alerting on harmful links
• Streamlined the administration page for faster loading times
• Expanded descriptions within WithSecure permission sets for greater clarity on permissions
• Relocated privacy settings to the advanced options section for better navigation
• Refined the messaging for files with an unknown reputation to provide clearer information
• Updated notifications to include information about the data processing region

New features and enhancements in this major release:

• In-app false positive and negative reporting: You can now report directly within the app if a safe file or URL is incorrectly flagged or if a malicious item is missed. 
• Intelligent file type recognition: This feature detects spoofed file types by analyzing a file's content, not just its name. 
• License model update: The user licenses section has been revised to reflect our new licensing model. 
• New Security Cloud data centers: We've expanded with data centers in Australia and Singapore, enhancing performance and data residency control in these areas. 
• Improved file scanning for very large files: File Protection now scans even larger files. 
• Governmental Cloud support: the app now protects Governmental Cloud products. 
• UX/UI enhancements: We've implemented several usability improvements to our app for a better user experience. 

Fixed issues:

• Minor information disclosure in the Scanli fs API [CAP-6120]: This update resolves a minor information disclosure issue in the Scanli fs API. 
• URL Protection altering subject lines [CAP-6940]: We've resolved an issue where URL Protection was incorrectly altering subject lines after updates. 
• Replacement text file issue [CAP-6582]: We've addressed a problem where replacement .txt files were not being added to cases when a malicious file was removed. 
• Advanced threat analysis callback issue [CAP-7530]: We've fixed a failure in the Advanced Threat Analysis callback that resulted in an "Access Denied" error. 

New Features and Enhancements in This Major Release: 

• Configurable Point of Presence: Customers can now select the geographic location for data processing. Currently, available regions include the EU and US. 
• Advanced Threat Analysis: Enhanced sandboxing and behavioral analysis have been integrated to amplify our multi-stage threat analysis process. 
• Advanced URL Analysis: URLs without a verified reputation are escalated for comprehensive dynamic examination. This ensures detection of even the most covert malicious URLs. 
• Migration to LWC for Summary page: We've enhanced the usability and responsiveness of the Summary page. 
• User experience improvements: We've made several usability enhancements to our app. 

Fixed issues: 

• Admin page is blocked by a large number of SObjects [CAP-7216]. 
• Email notifications incorrectly include the SF Email Signature of the Admin [CAP-6925]. 
• Analytics misses events when files are uploaded repeatedly [CAP-7300]. 
• Enhancements to the "Open related record" functionality [CAP-6977]. 

New features and enhancements in this major release:

• Protection status panel -- Enhanced protection status panel is to tell the admin if their Salesforce org is protected, and all relevant controls are enabled and configured.

• Improved user license management – Enhanced performance of License Management UI to handle very large number of active users

• Minor user experience improvements -- Usability improvements to our app.

Fixed issues:

• URL protection sometimes redirect Salesforce website to a URL which includes %e2%80%8b Zero Width Space Unicode character [CAP-6260]
• File download failure : Modify the error message shown to the user [CAP-6571]
• AFSC.FS_FeedComment: execution of AfterInsert caused by:
• System.NullPointerException: Attempt to de-reference a null object (AFSC) [CAP-6398]
• Users numbers are not aligning: Users Protected in Summary Tab, Protected users number from Report, users numbers in Licenses tab [CAP-6756]
• License use exceeding email notifications are sent despite having enough license [CAP-5877]Attempt to de-reference a null object in /scb [CAP-6707]

Important information about the release:

• If you are upgrading from version 1.8.5 or older, Automatic Updates setting is switched on regardless of the previous configuration

New features and enhancements in this major release:

• New future-proof architecture: The solution has been strengthened by the new architecture with a connected app that uses an API-based integration and technologies that enable enhanced protection capabilities.

• Enhanced scanning for large files: Large files can now be analyzed with minimal impact on performance and with no time constraints for threat analysis.

• Configurable Click-time URL Protection: More control and flexibility to configure the Click-time URL Protection for blocking malicious and phishing web links (URLs) in real-time.

• User experience enhancements: Analytics user interface has been improved to provide more consistent information about the product alerts and security events.

Fixed issues:

• The user can't reply to a Chatter post due to insufficient "Edit post" permission [CAP-5836]
• WithSecure app is updated automatically even if Automatic Updates is disabled [CAP-5762]
  • After upgrading to 2.0, Automatic Updates setting is switched on regardless of the previous configuration
• "Too many SOQL queries" exception when scanning multiple URLs [CAP-5813]
• URLs in uppercase are not replaced with click-time protection links [CAP-5925]
• "Too many email invocation" exception when multiple Case objects are created with malicious or disallowed web links [CAP-5934]
• Incorrect details in the alert when Automatic Updates settings are updated [CAP-5648]

Fixed issues:

• The 'Time limit exceeded' error is shown when opening the Administration user interface [CAP-6035]
• Statistics data is not populated correctly in the Protected Content Analysis report [CAP-5948]

Improvements:

• Old scan events and alerts are cleaned with 'hard delete' [CAP-5702]

Fixed issues:

• "License usage exceeding" alerts are not created for community user login licenses [CAP-5388]
• Cannot download files on first attempt due to a redirection issue [CAP-5635]
• System. SObjectException error is reported when removing the permission set assignments [CAP-5815]
• The Replacement_File_Id__c field in FSFileScanLog__c object does not have the read access permission for standard users [CAP-5897]

Fixed issues:

• URL Protection redirect links do not work correctly for internal users [CAP-5439]
• Incorrect user type in administrator notifications when the URL detection is triggered by external users [CAP-5513]
• The "Collection size exceeds maximum size" error is shown when the Configure alert message is opened [CAP-5594]
• Licenses are incorrectly assigned to Chatter free users [CAP-5356]
• The clickable area for the user interface panel elements is too narrow [CAP-4250]

Improvements:

• Performance: Using Platform Cache for pre-loading notification templates and other configuration settings [CAP-5228]

Fixed issues:

• Unhandled exception from 'Cloud Protection: License expiration check' [CAP-4656]
• The alert is not sent when WithSecure licenses are exceeded [CAP-5137]
• Missing translations for some settings in the Administration UI [CAP-5229 - CAP-5235]

Version 1.6.19
Fixed issues:

• Files uploaded by guest (unauthenticated) community users are not processed correctly in Spring ’21 (CAP-4191)

Version 1.6.18
Fixed issues:

• Security and performance improvements in the scan progress and complete pages (CAP-4151)
• Users with a Chatter Free license cannot post messages and comments to Chatter (CAP-4099)

Version 1.6.17
Fixed issues:

• Users with a customer community login license receive email notifications when a harmful or disallowed file is uploaded (CAP-4032)
• Users with a customer community login license receive email notifications when a harmful or disallowed URL is posted (CAP-4111)

Version 1.6.16
Fixed issues:

• Error is shown when posting a long URL link to Chatter (CAP-3990)
• Custom banner is not shown to community users (CAP-3991)

Version 1.6.15
Fixed issues:

• Administration UI looks disordered in Firefox browser (CAP-1142)
• Replacement file is not linked with the email message when a harmful attachment is removed (CAP-3724)
• Analytics page doesn't load correctly (CAP-3754)
• Replacement_File_Id is missing in the file scan log (CAP-3774)
• URL scanning failed due to "SfdcSqlException: Inserted value too large for column" error (3794)
• Replacement file is not created for malicious file uploaded by community user in Winter'21 (CAP-3951)
• The custom message text is not shown on the scan and block pages for a community user (CAP-3970)

Version 1.6.14
Fixed issues:

• Email security notifications are not sent when external users upload harmful content (CAP-3541)
• Disallowed files uploaded by community users are removed but not shown in quarantine (CAP-3657)

Version 1.6.13
Fixed issues:

• An error occurred when running batch processing with the F-Secure Cloud Protection app installed (CAP-3318)
• System. DmlException: Delete failed (INSUFFICIENT_ACCESS_OR_READONLY) in AFSC. FS_LicenseService job (CAP-3426)
• Could not create a new user due to "Auto Enabled Permission Set Assignment" (CAP-3498)
• LastModifiedDate is updated when a file is downloaded and scanned by the F-Secure app (CAP-3576)
• System. UnexpectedException: Start did not return a valid iterable object (CAP-3600)
• Errors on analytics page: No access rights to the object or its fields (CAP-3604)

Version 1.6.12
Fixed issues:

• F-Secure scan and block pages shown in Classical instead of Lightning UI in a community portal (CAP-1973)
• Exception error is shown when posting a message with the user mention and email address to a community portal (CAP-3025)
• URL Protection does not properly exclude URLs defined as subdomains in exclusion settings (CAP-3036)
• Hyperlinks are not properly handled in Chatter posts with user mentions (CAP-3056)
• "Query of LOB fields caused heap usage to exceed limit" error when uploading a 50MB file (CAP-3075)
• Make it possible to disable recording excluded URLs in Cloud Protection analytics (CAP-3152)

Version 1.6.11
Fixed issues:

• URL Protection may fail on email addresses with illegal hex characters (CAP-801)
• Malware may not be found if uploaded as a new version of Content Document (CAP-2508)
• SHA1 search doesn't work in File Events (CAP-2902)
• F-Secure license is not assigned automatically when user profile is changed (CAP-3002)

Version 1.6.10
Fixed issues:

• Handling Case objects only with changed descriptions (CAP-2512)

Version 1.6.9
Fixed issues:

• Files uploaded by guest (unauthenticated) community users are not processed correctly in Spring'20 (CAP-2675)

Version 1.6.8
Fixed issues:

• Lots of SOQL errors are being output in Product Basket due to FS Cloud Protection for Salesforce (CAP-1671)
• Unable to download attachments after Cloud Protection for Salesforce 1.6.6 upgrade (CAP-2297)
• Latency issue in Salesforce org due to F-Secure usage statistics update (CAP-2493)
• F-Secure jobs fails on submitting a document through a community page (CAP-2548)

Version 1.6.7
Fixed issues:

• Whatsapp images get renamed after uploading via Web Chat (CAP-2071)

Version 1.6.6
Fixed issues:

• AFSC. FS_EmailMessageHandler for job ID fails due to exception: AFSC: Too many query rows: 50001 (CAP-1966)

Version 1.6.5
Fixed issues:

• Disallowed file protection not working for community user (CAP-1662)
• URL exclusion not working for community user (CAP-1663)
• Changed behaviour in replacement file for community user (CAP-1664)
• System. NullPointerException in AFSC. FS_AttacmentScanJobQueueable (CAP-1726)
• Permission set assignment tool is throwing an exception in large organizations (CAP-1834)
• Scan files for disallowed content does not work correctly with Partner Community users (CAP-1872)

Version 1.6.4
Fixed issues:

• URL Protection causes "Something isn't right with your URL. Check that the URL starts with http:// or https:// and try again" error (CAP-1512)
• Several issues with manual and automatic license assignment (CAP-1531)
• "AFSC: Too many SOQL queries: 201" error is reported when archiving emails (CAP-1571)

Version 1.6.3
Fixed issues:

• Users who have been assigned a license getting a scan error as a "Non-licensed user" (CAP-1486)

Version 1.6.2
Fixed issues:

• SOQL Query For 'Third Party Query Rights' is not limiting the amount of response records (CAP-749)
• File blocked page shows 'null' as the file extension for files without an extension (CAP-1065)
• Alert links on the Summary page don't work as expected (CAP-1140)
• URLs are not scanned when uploaded to the community portal by a unauthenticated/guest user (CAP-1275)

Version 1.6.1
Fixed issues:

• "Apex heap size too large" exception is reported when scanning large attachments (CAP-974)
  
• Query of LOB fields caused heap usage to exceed limit on manual scan of attachments (CAP-993)
• File scanning may fail due to "Connection reset" system exception (CAP-1000)
• Scanning outbound email message may fail with "Future method cannot be called from a future or batch method" error (CAP-1131)
• "Attempt to de-reference a null object" exception is reported on scanning URLs (CAP-1139)
• Outdated copyrights on the About page (CAP-1141)

Version 1.6
New features and improvements:

• Salesforce Spring’19 support - The Spring’19 update of the Salesforce platform is fully supported.
• Unrestricted amount of file scan events - The application is now capable of storing and handling more than 200 thousand file scan events in Analytics.
• New retention intervals for Analytics events - To reduce data storage consumption, it is possible to configure automatic clean-up of File and URL protection events with intervals of one week, two weeks, one month, or two months.
• Localization for new languages - In addition to English and Japanese, the following languages are now supported: French, German, Spanish, Portuguese, Italian, Russian, Korean, Thai, and Simplified Chinese.

Fixed issues:

• System. QueryException: Non-selective query against large object types (more than 200000 rows) (CAP-463)
• AFSC. FS_User: execution of AfterInsert caused by System. AsyncException (CAP-767)
• Input validation missing for manual scan dates (CAP-809)
• Degraded URL recognition pattern for URLs with '@' sign (CAP-810)
• Redirect URL is malformed in HTML body of EmailMessage object (CAP-856)
• Manual scan job may report 'unknown' action for large files (CAP-981)
• Queueable Limit Exceeded Due to Email Alerts (CAP-990)
• Users with Japanese locale cannot install F-Secure Cloud Protection app (CAP-1006)

Improvements:

• Optimized the loading of the Analytics page [CAP-4741]

Fixed issues:

• The app reports too many "Failed to process string" alerts [CAP-5103]
• Some UI controls are misaligned in non-English languages [CAP-4245]

New features and improvements:

• New brand: F-Secure Business is now WithSecure™ and the solution is rebranded as WithSecure™ Cloud Protection for Salesforce.
• Automatic updateability: Starting from this release, new versions of WithSecure™ Cloud Protection app are delivered automatically to all customers. WithSecure™ pushes software upgrades based on the customers' automatic update preferences, which can be configured in the Administration UI.
• Related records in URL scan events: URL scan events now include additional information about Salesforce related records and objects where URLs are originally posted and scanned by the WithSecure™ Cloud Protection app. This allows to quickly find Chatter posts, Email messages, Case and/or Task objects where harmful or suspicious URLs are detected.
• Configurable retention intervals for alerts: It is now possible to specify how long WithSecure™ Cloud Protection alerts are kept in Analytics for reporting and security incident purposes. The retention interval can be set up to 24 months.
• Community login user licenses: The number of WithSecure™ licenses available and used for community login user licenses are shown on the License page. Community login user licenses can be assigned manually or automatically with automatic assignment rules.
• License and permission set assignment improvements: When WithSecure™ licenses or permission sets are assigned, the app creates corresponding alerts in Analytics. In case of a problem with the license or permission set assignment, the alert provides additional details.
• Configurable batch size for manual and scheduled scans: It is now possible to configure the maximum number of files to be processed in a batch. Decreasing the batch size in manual and scheduled scans prevents "Exceeded maximum time" exceptions.
• Possibility to disable scanning files in outbound emails: If File Protection causes problems with email-to-case messages, it is now possible to disable scanning files in outbound emails.
• Salesforce Platform cache: WithSecure™ Cloud Protection app is now leveraging Salesforce Platform Cache to store frequently requested data.
• New languages: The new version adds support for the following languages: Polish, Chinese (Traditional), Hungarian, Czech, Slovak, Turkish.

Fixed issues:

• Automatic license assignment does not work for the guest user [CAP-5022]
• URLs scanned in outbound email messages are not reported in URL scan events [CAP-4993]
• Users do not get a file automatically on download when using service console [CAP-4978]
• Failed to process Queueable job for class AFSC. FS_UrlScanJobQueuable due to System. NullPointerException [CAP-4264]
• System. QueryException: Non-selective query against large object type FS_Alert__c [CAP-4871]
• The image is missing on the Scan Exception and URL not found pages [CAP-4925]
• FS_URL_Scan_Log__c. Location__c picklist field does not contain Lead and Task values [CAP-4482]

Version 1.7.7
Fixed issues:

• "Too many queueable jobs" exceptions when emails are sent out with attachments (CAP-4688)
• Multiple "Exception in file scanning" errors when running scheduled scans (CAP-4687)

Version 1.7.6
Fixed issues:

• Security improvements to mitigate possible sharing violations (CAP-4492)
• 'AFSC. FS_CleanCacheResultBatch': Access to entity 'Group' denied: Entity is not API accessible (CAP-4527)
• Scan usage data is not reported correctly (CAP-4533)

Version 1.7.4
Fixed issues:

• The F-Secure app makes unit tests fail (CAP-4429)
• The administration page loads with the following error: 'AFSC: Too many query rows: 50001' (CAP-4483)
• Excluded files are not reported in Analytics when scanned with manual scanning (CAP-4427)

Version 1.7.3
Fixed issues:

• The F-Secure permission set is not assigned even after manually clicking the Assign button (CAP-4393)
• System. DmlException with ENTITY_IS_DELETED error in AFSC. FS_CleanCacheResultBatch (CAP-4385)
• Inadequate edit permissions are set for the file scan event log (CAP-4379)

Version 1.7.2
Improvements:

• When the application fails to delete malicious or disallowed content, a critical alert is created in Analytics (CAP-4352)

Fixed issues:

• Excluded files with irregular filename extensions get quarantined as disallowed content (CAP-4355)
• File downloads may fail if users have read-only access to the library (CAP-4368)

Version 1.7.1
Fixed issues:

• Scanning files on download may take more than 30 seconds to complete (CAP-4291)
• The replacement file in a Case object is generated with the wrong extension (CAP-4279)
• An incorrect filename is reported in the scan event when a new version of the file is uploaded (CAP-4299)

Version 1.7
New features and improvements:

• Salesforce Spring ’21 support: The Spring ’21 update of the Salesforce platform is fully supported. The F-Secure app brings some changes and includes a new permission set to support guest community users better.
• License information and reporting on scan usage: The License page now provides information about available, used, and remaining licenses for standard and community user licenses. Scan usage is reported for the current month, as well as for the previous six months. The users included in the F-Secure Cloud Protection Admins group receive email notifications when the license limits or the total monthly scan quota has been exceeded.
• Improvements for license assignment: The License Assignment dialog has a new layout with the License status, Assign and Remove operations. When assigning F-Secure licenses, it is now possible to see which type of license (standard or community) is assigned. If there are more than 2000 users selected, licenses are assigned in the background.
• Targets for File Protection and exclusions based on location: It is now possible to separately enable or disable scanning Salesforce Files and Attachments. It is also possible to select locations, for example, standard and custom objects, where attachments are scanned for harmful or disallowed content upon upload.
• Included or excluded file types and extensions for malware scanning: The F-Secure app can now be configured to scan all files, except excluded, or only included, file types and extensions.
• Allowed or disallowed file types and extensions for content filtering: The F-Secure app can be configured to treat and block disallowed content based on allowed or disallowed file types and extensions.
• Targets for URL Protection: URL scanning can be enabled or disabled for specific locations such as Chatter posts and comments, inbound and outbound email messages, Case comments and descriptions.
• Scanning URLs in Lead and Task objects: The F-Secure app can now scan URLs in Lead and Task objects. For the Lead object, URLs are checked in the description and website fields. For the Task object, URLs are inspected in the description and comments field.
• Manual scan improvements: The maximum number of files that can be processed in one manual or scheduled scan job is now 500,000.  Note that a special permission set needs to be created and assigned to users who run manual or scheduled scanning. Informational alerts are created when manual and scheduled scan jobs start and finish.
• New privacy control setting: The new setting defines which data F-Secure can share with third party services used for threat analysis. By default, only anonymized metadata is shared.
• Performance improvements: There are a number of changes made to improve the performance of file and URL scanning.
• Integration and customization improvements: New custom fields have been introduced to support better integration based on F-Secure custom objects. 
• New F-Secure brand and other UX improvements: The new F-Secure logo and brand colors are now used in the F-Secure app. The design of the Summary, Support and other pages have also been improved.

Fixed issues:

• Manual Scanning: Files uploaded to Content libraries are not scanned (CAP-725)
• Administration UI looks disordered in Firefox (CAP-1142)
• System. QueryException (more than 200,000 rows) is reported on URL scanning (CAP-1574)
• Lock contention caused by the F-Secure app (CAP-2491)
• Users with the F-Secure Admin permission set cannot change settings (CAP-2717)
• When harmful files with a filename containing 250 characters is uploaded, the replacement file is missing (CAP-3087)
• Inconsistent behavior with URL exclusions (CAP-3101)
• File Protection: file scan events are not created when uploading a single large file (CAP-3192)
• Files with long names break filtering for disallowed content (CAP-3450)
• Duplicate entries in F-Secure license assignments (CAP-3622)
• Removal of duplicate license batch jobs throw too many DML row errors (CAP-3836)
• Harmful content is not deleted when there are millions of files in the organization (CAP-4136)

Version 1.5.4
Fixed issues:

• URL Protection will detect normal strings as URLs (CAP-871)
• Automatic cache and events log cleanup caused unhandled exceptions: Argument cannot be null (CAP-877)
• It is not possible to exclude top-level domains in URL Protection (CAP-903)
• CPSF misinterprets filenames as URLs (CAP-907)
• Version info is misinterpreted as URL and replaced by a redirect link (CAP-909)
• Japanese translation improvement on File Protection page (CAP-943)

Version 1.5.3
Fixed issues:

• Installation/upgrade fails when Shield encryption is used for standard objects/fields (CAP-845)
• Extra SOQL queries are made when File Protection is disabled (CAP-836)

Version 1.5.2
Fixed issues:

• Unexpected Exception On EmailMessage: data changed by trigger for field HTML Body: data value too large (CAP-800)
• If the scan result is available in the cache, a file is scanned even though the File Protection is disabled (CAP-811)
• Apex script unhandled trigger exception: AFSC. FS_ContentVersion: execution of BeforeInsert (CAP-812)
• Email-to-Case: Errors encountered while processig: FIELD_CUSTOM_VALIDATION_Exception (CAP-822)

Version 1.5.1
Fixed issues:

• Missing or incorrect Japanese translations
• Apex trigger AFSC. FS_Case caused an unexpected exception: System. LimitException: Regex too complicated (CAP-438)
• Apex script unhandled trigger exception by user/organization: FS_ContentVersion: execution of AfterUpdate (CAP-627)
• Manual scan reports the wrong reason for clean file event if the file is excluded from scanning (CAP-765)
• AFSC. FS_EmailMessage: System. LimitException: Regex too complicated (CAP-784)

Version 1.5
New features and improvements:

• Salesforce Summer’18 release support - The Salesforce Summer’18 release is fully supported.
• Content filtering - The solution allows the detection and blocking of dangerous and inappropriate content that is not allowed for security or compliance policy. Disallowed files can be filtered out based on the file type or filename extension.
• On-demand and scheduled scanning - Salesforce files and attachments can be scanned for harmful and disallowed content at any time or at predefined time intervals. You can choose which files are scanned based on the creation or modification time, file type or location.
• Quarantine management - Harmful or disallowed content removed by File Protection can be viewed and restored with the new quarantine management tool.
• Automatic license assignment - Application licenses can be automatically assigned to Salesforce users based on user profiles or other criteria.
• Improved Security Cloud services - The solution leverages F-Secure Security Cloud services that have been improved with more advanced detection capabilities.
• Privacy Admin role - Application's privacy control settings can now be protected with a special permission set.
• URL Protection improvements - Malicious and unwanted URLs are checked in Case comments and EmailMessage objects.

Fixed issues:

• Filenames are treated as URLs (CAP-370)
• 'Request to file content check failed' error is reported on scanning an email object (CAP-403)
• URL Protection does not replace links in email messages coming via Email-to-Case (CAP-450)
• Installation fails with "Dependent class is invalid and needs recompilation" error (CAP-513)
• Unsafe file is not removed correctly when advanced threat scanning is disabled (CAP-558)
• The reason for an incorrect alert is reported when URL reputation check fails (CAP-607)
• Used license count is not updated correctly on the License page when the licensing mode is set to 'All users' (CAP-611)
• The replacement file has the wrong extension when a malicious attachment is uploaded (CAP-628)
• F-Secure Cloud Protection breaks files that are generated by a third-party application (CAP-645)
• "Too many queueable jobs added to the queue" error is reported when a new document is generated by Salesforce CPQ (CAP-674)