IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.
Release Notes Comply (Version 2.12)
Tanium Comply 2.12.544
Release Date: August 30, 2022
Bug Fixes
- Fixed an issue with Download as CSV generating incorrect file extensions in some scenarios.
- Fixed an issue with downloading multiple reports at once generating an error.
- Fixed an issue with occasional 500 errors when loading the Assessments page.
Tanium Comply 2.12.541
Release Date: August 23, 2022
Bug Fixes
- Fixed an issue with Download as CSV failing with "Failed to load report exports."
- Fixed an issue when trying to download multiple reports.
Tanium Comply 2.12.538
Release Date: August 16, 2022
Enhancements
- Upgraded various third-party libraries to the most recent versions.
Tanium Comply 2.12.529
Release Date: August 9, 2022
Bug Fixes
- Fixed an issue where RAS findings for some device types (including Cisco IOS) are not processed by the Comply service.
- Fixed an issue where the Comply service would repeatedly attempt to connect to the Direct Connect service unsuccessfully.
- Fixed an issue where uploading benchmarks in airgap mode didn't work
Known Issues
- Results from an assessment are not cleaned up after deleting the assessment and removing stale assessments from endpoints. This is only a problem with Compliance Assessments. Vulnerability Assessment results are removed as expected.
Tanium Comply 2.12.516
Release Date: August 2, 2022
Prerequisites
- Tanium™ Connect 4.10.5 or later (To customize columns for exports, you must have Connect 5.8.49 or later)
- Tanium™ Discover 3.0 or later required for remote vulnerability reports
- Tanium™ Endpoint Configuration 1.2 or later
- Endpoint Configuration is installed as part of Tanium™ Client Management 1.7 or later.
- Tanium™ Interact 2.12.114 or later
- Tanium™ Trends 3.6 or later
- Tanium™ Reporting service 1.3.12 or later
- Tanium™ API Gateway 1.1.13 or later
- Tanium™ Blob service 1.0.6 or later
- Tanium™ RDB service 1.0.148 or later
- Tanium™ System User service 1.0.77 or later
Additional Remote Authenticated Scanning requirements:
- Tanium Direct Connect 2.1 or later
- Tanium Discover 4.5.144 or later
Supported Tanium Platforms
- Tanium Server 7.4.1.1939 or later
Enhancements
This release includes:
- The Findings grid and Connect export now include the "Computer ID" column.
Bug Fixes
- Fixed an issue where, in some cases, no dates were returned for the Comply - CVE Findings First Found/Last Found sensors.
- Fixed an issue where files in the extracted JRE that were symbolic links did not have permissions set correctly.
- Fixed an issue where the architecture type was incorrectly identified on M1 Mac clients.
Known Issues
- RAS findings for some device types (including Cisco IOS) are not processed by the Comply service. Devices that return their IP address with a "/subnetmask" identifier cause the service to error when processing the RAS results. The scan may complete successfully, but findings never appear in the Comply UI.
Tanium Comply 2.12.501
Release Date: June 28, 2022
Prerequisites
- Tanium™ Connect 4.10.5 or later (To customize columns for exports, you must have Connect 5.8.49 or later)
- Tanium™ Discover 3.0 or later required for remote vulnerability reports
- Tanium™ Endpoint Configuration 1.2 or later
- Endpoint Configuration is installed as part of Tanium™ Client Management 1.7 or later.
- Tanium™ Interact 2.12.114 or later
- Tanium™ Trends 3.6 or later
- Tanium™ Reporting service 1.3.12 or later
- Tanium™ API Gateway 1.1.13 or later
- Tanium™ Blob service 1.0.6 or later
- Tanium™ RDB service 1.0.148 or later
- Tanium™ System User service 1.0.77 or later
Additional Remote Authenticated Scanning requirements:
- Tanium Direct Connect 2.1 or later
- Tanium Discover 4.5.144 or later
Supported Tanium Platforms
- Tanium Server 7.4.1.1939 or later
Enhancements
This release includes:
- Remote Authenticated Scan (RAS) Assessments have a new option to target an IP range instead of interfaces previous found by Discover. This means that a satellite no longer needs to share a subnet with the scan targets.
- The Findings pages now have a "Download as CSV" button allowing you to export results from grids directly from the Comply workbench.
- The Vulnerability Findings grid and Connect export now includes columns "CPEs," "Affected Products," "Affected Platforms," "CVE Created Date," "CVE Modified Date," and "Computer Serial Number."
- The Compliance Findings grid and Connect export now includes the "Severity" column.
- The Findings pages now include a Filter Builder option to build sophisticated conditionals to filter the findings.
- The Vulnerability Findings grids now include selection and a button to "Remediate in Patch."
- The CVE details panels in Vulnerability Findings now include a new section for "Applicable Patches."
- Expanded the available Java Heap Size options to include up to 8192 MB. Satellites running RAS scans now use a minimum of 4096 MB of Java Heap.
- The steps required to configure the service account are no longer necessary due to the adoption of the System User Service, which performs these tasks automatically.
- Added support for Rocky Linux and Alma Linux for vulnerability assessments.
- Added support for scanning Apple macOS - ARM64 (M1).
- Added support for scanning Amazon Linux 2 - ARM64 (Graviton).
Bug Fixes
- Fixed an issue with Connect Findings exports failing due to the column having "multiple values."
- Fixed an issue with scans failing due to the following:"Could not extract protected JRE: 19FailedToOpenZipFile."
- Fixed an issue with the Custom Checks flyout panel not scrolling
- Fixed an issue with the "Comply - Run Assessment - Unix" and "Comply - Run Assessment - Windows" sensors not requiring an Assessment ID as they should.
- Fixed an issue with assessment schedules being reset after running on-demand scans.
- Fixed an issue with compliance assessment HTML reports not excluding endpoint lists as they should.
- Fixed an issue with Connect exports including endpoints that shouldn't be in the report.
- Fixed an issue with the "Comply - Report Age" sensor returning incorrect values for some assessments.
- Fixed an issue with Comply Report Administrators not being able to perform on-demand scans.
Security Update
This release includes security updates. For details, including affected versions and mitigation information, see the Tanium Support Portal, or contact your TAM.
Known Issues
- Sometimes the findings count summary totals do not match the number of rows in the grid.
- Sometimes RAS findings have an incorrect operating system.
- RAS scans of ESXi devices fail when using a self-signed certificate that is not from a trusted certificate authority. See http://docs.tanium.com/comply/comply/troubleshooting.html#ras-scan-esxi-fails for details.
- Sometimes no dates are returned from the "Comply - CVE Findings - First Found" or "Comply - CVE Findings - Last Found" sensors.
- If updating from 2.11, existing RAS assessments may lose their targeting and will need to be recreated.
- If you update to 2.12 after updating to the engine package that includes the Corretto 11 JREs, you will not see the ARM JREs until you update the engine package again or update Comply.
- RAS findings for some device types (including Cisco IOS) are not processed by the Comply service. Devices that return their IP address with a "/subnetmask" identifier cause the service to error when processing the RAS results. The scan may complete successfully, but findings never appear in the Comply UI.
- Due to the adoption of the System User Service, after upgrading to Comply 2.12, it might take time for the database migration to complete and for RBAC privileges and other updates to sync properly. This could lead to issues and error messages when first querying the Tanium Console. These issues should resolve on their own after a few minutes, but could take longer depending on system resources and the amount of data to migrate.