IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.

Release Notes Tanium Client (Version 7.6.2.1204)

From Tanium Knowledge Base
Jump to navigation Jump to search

Thank you for choosing Tanium. The following Release Notes document changes between releases of the Tanium Client.
The previous Tanium Client version can be found here: Release Notes Tanium Client (Version 7.4.10.1086)

Tanium Client 7.6.2.1204

  • Tanium Cloud availability date: April 24, 2024.
  • On-premises availability date: May 1, 2024.

Special Notes

  • Starting with the first release of the v7.6.2 Tanium Client, the SNI value in TLS ClientHello messages will contain the name or IP address of the ServerName being targeted for connection. Tanium Client communications in environments where SNI inspection is enabled, and where bespoke SNI values were whitelisted will have to be configured to allow for targets in ServerNameList to be allowed instead.
  • Updates the End User License Agreement (EULA) for Tanium Platform products to its latest 2024-05 version.

Security Updates

  • N/A.

New Features

  • The Tanium Client will now use SIGTERM on long running Sensors and Actions before issuing a SIGKILL signal.
  • Enables file chunk downloading in non-leader endpoint clients when a linear chain ChunkRequest has not been serviced in over PeerChunkRequestTimeout. After these many seconds (default 300) a non-leader endpoint will request chunks directly from a server unless RequestChunksFromServerOnTimeout is set to the value of zero.
  • The Tanium Server will now reflects its isolated status where it has no peers to connect with. The Status.IsIsolated setting will help solutions decide how to operate most efficiently according to this state value.
  • Tanium Clients will now report its ActionLock status so it can be presented in the browser console Action Status summary user interface.
  • Offers a new encoding for names in the Tanium Client ServerNameList where individual names can be prefixed by a number and an underscore (e.g. 1_servername) to specify a priority group. Connections to servers will be prioritized by their group number and then randomized within it to choose a destination to connect to.
  • Exposes the Tanium Client internal metrics through the TaniumCX get-metrics CLI command.
  • Tanium Client installation packages for Solaris v11 are now provided in Image Packaging System (IPS) format.
  • The Tanium Client now replaces its original Tanium Client -m process with TaniumCX run-framework.
  • Implements direct-download functionality on the Tanium Client, where the client will still be allowed to request chunks from its peers but any missing chunks must be downloaded by the interested client instead of the backward leader in a chain.
  • Tanium protocol communications now uses the TLS v1.3 Certificate Authorities extension instead of the SNI indicator available in previous TLS implementations. This should benefit users who find it difficult to disable or manipulate the SNI inspection of their security software.
  • The TaniumPython.dll file now contains version information on the file's metadata.
  • Adds the ability for the Tanium Client to communicate the execution result of a deployed action.
  • The Tanium Client will now use its stable leader connection to send results reports to the server, instead of opening a new ephemeral connection as it did in legacy clients.
  • Added the TaniumExtractor binary utility to Tanium's suite of tools in order to replace other extractors like 7z.
  • The Tanium Client now requires a session token to be presented in API request headers and not in the SOAP request body when RequireClientAPISessionInHeaders is set. This avoids the parsing of XML when a proper session token is not presented up front.
  • The Tanium Client will no longer reset CX extensions according to MonitorResetIntervalInHours. Extensions will now be reset only if and when the Tanium Client performs its own reset.
  • Limits the size of allowable sensor results to be cached to avoid unrestricted memory growth of the Tanium Client when running poorly written sensors. The maximum allowed result size can be controlled with the SensorMaxResultSize configuration parameter.
  • Tanium component zipped logs will now contain the same older log files renamed with a date and time suffix (YYYY-MM-DD-hhmmss) which will make their names unique when unzipped.
  • Tanium components now ship with FIPS-certified OpenSSL v3.
  • Implements Tanium Client peer-to-peer bandwidth throttling no longer controlled in terms of messages per second but by the PeerBandwidthThrottleBytesPerSecond client setting.
  • Implements the ability on the Tanium Client to extract the contents of ISO images, which is necessary to support use cases in the Deploy solution module.
  • The Tanium Client will now execute Python sensors in a dedicated process labeled as TaniumClient --python-sensor which will avoid the common need to restart the TaniumClient -a process.
  • Implements the direct reporting of results for sensors that use the sensitive data flag in Tanium Client v7.6.
  • The Tanium Client will now persist into a database and load known actions on initial registration.
  • The Tanium Client will now persist and read action statuses from its action database.
  • Implements the migration of existing actions and their statuses into the Tanium Client's new actions.db.
  • Implements the StateProtectedFlag=1 feature on the new Tanium Client actions database.
  • Ensures the timely execution of built-in sensors like Action Statuses which now follow maxAge rules like any other non-reserved sensor.
  • Implements a mechanism in the Tanium Client where it will back-off issuing download requests when its Tanium Server is exceeding its configured bandwidth limits and incurring on high queue delays.
  • The Tanium Client now saves and flushes the contents of its question and action databases during shutdown.
  • Forces a Tanium Client to isolate if its server message buffer limits are exceeded, to allow it to process its own pending messages over those received from its peers.
  • Implements backing up the original values for those temporary environment variables the Tanium Client now manages for its sub-processes. The original values are stored in variables named with the BACKUP prefix.
  • Implements client side handling of sensor execution priorities to complement the new question priority feature in coordination with CX requests.
  • Implements the Tanium Client settings SensorPenaltyThresholdMilliseconds=100 to specify which sensors are considered long-running, and SensorPenaltyMaxMilliseconds=2000 to control the stalling of the evaluation pipeline.
  • Implements "cx_channel_response_*" metrics that tally the number of messages and bytes exchanged across the Tanium Client to CX communications channel.
  • Brings back support and distribution of the runasuser.exe binary utility which is needed by some pieces of custom content.
  • Ensures that built-in sensors skip the evaluation queue in the Tanium Client since their fast execution allows them to be preempted quickly.
  • The reserved Tanium Client internal sensor Action Statuses will now not return more than ActionStatusSensorLimit recent action statuses.
  • The windows client uninstaller will now kill the client if it does not stop within 20 minutes. This allows the upgrade to work even if the client process is hung.
  • The Tanium Client now implements a tanium_sensor_queue_wait_seconds histogram metric that tracks the distribution of queue wait times for the execution of every sensor.
  • Disables sensor execution penalties on the Tanium Client by making SensorPenaltyThresholdMilliseconds=0 the out of the box default setting value.
  • New Tanium Clients now honor the global setting ResultsEpoch which when changed will reset their strings and question results data only. This is a subset of what a change in DatabaseEpoch would do, offering the benefit that this new operation will not reset the endpoint's ComputerID.
  • The Tanium Client will now present a small sized message when requesting file chunks, to reduce the amount of upstream traffic in systems where the limit of download connections has been reached.
  • Adds client setting ClientMinTLSVersion with default value of "1.2".
  • Updates the EULA wording in Tanium components to its 2024 version.
  • The TaniumExecWrapper.exe for Windows clients is now delivered as a signed binary.
  • Updates the wording of the Tanium Platform EULA.
  • Updates the End User License Agreement (EULA) for Tanium Platform products to its latest 2024-05 version.

Improvements

  • The Tanium Client will now immediately remove an action folder after the action finishes running
  • The Tanium Client will now periodically vacuum its SQLite databases.
  • Implements a new schema for the Tanium Client result cache that matches the new SensorReport format.
  • The Tanium Client will now only re-execute Sensors when their results maxAge value is reached and no longer perform maxAge/2 additional executions.
  • Implements the serialization of the new direct_download_flag for package file definitions in the Tanium Client.
  • The Tanium Client now uses fully asynchronous communications when establishing its connections to servers and peers.
  • Drops support for loading TaniumTrace DLLs which are no longer used and necessary.
  • Refactors the in-memory handling of package file hashes as hash values instead of strings which can be more prone to bugs in their handling.
  • Modifies the pki show command line in Tanium components to work for tanium-init.dat files without the presence of a pki.db. The command now assumes that the file name parameter is a tanium-init.dat file unless its extension is .db in which case it will be read as a pki.db database.
  • Refactors the Tanium Client SSL session store to track session tickets by IP address and implements the eviction of expired records.
  • Implements HTTP proxy client connections over the improved asynchronous communications model.
  • Simplifies the organization and flow of ServerName selection, resolution and proxy connections in the Tanium Client.
  • The Tanium Client installer now provides a more specific firewall rule just for the communications port of the TaniumClient.exe binary.
  • The Tanium Client now handles results in its ClientResultCache based on the immutable sensor ID that produced them.
  • The Tanium Client will now clearly log when the DisableTrace flag is set on an endpoint.
  • Adds the ability to read Tanium Client settings from an extension process.
  • The v7.6 Tanium Client is no longer sensitive to time drifts that can cause [CRU] results.
  • Removes unused settings for string error flags and prefixes: error_string_prefix, error_string_regex and generic_error_string_flag.
  • The TaniumCX binary will now verify the signatures of the third party libraries it uses before loading them.
  • Implements sensor and action communication pipes which CXs will use to communicate with the Tanium Client instead of using disk-based mailboxes.
  • The Tanium Client will now log active script begin and end messages at LogVerbosityLevel>10 to reduce log spam.
  • The Tanium Client can now handle several sequential download requests over the same connection instead of opening a new one. Idle download connections will be closed after thirty seconds of inactivity.
  • Adds ability for Tanium Client created temporary files to use Windows attribute FILE_ATTRIBUTE_TEMPORARY which prevents the file being written to disk whenever possible.
  • The Tanium Client will now uses a SHA-256 hash for the identification of contents in direct download requests.
  • The Tanium Client will try to cast sensor results into a number value even when the definition does not define the result value as numeric. This allows for better handling of data types even for sensors which were created incorrectly.
  • Added a more efficient means to gather client configuration path information from the Tanium Client.
  • Unifies the handling of sensor results and their results cache between the Tanium Client and extension processes.
  • Added arguments to the Tanium Client that lightens the touch on an RPM database to support Software Manager functionality.
  • Tanium Client will retrieve the computer name directly without caching on all operations except for sensor and client evaluations to reduce the chance of caching interference.
  • The Tanium Client will no longer truncate VBScript sensor results to a limit of 64KB.
  • Tanium Client connections will now follow a 60 second timeout instead of the historic 3 seconds. This should benefit busy systems with less than ideal network connectivity.
  • Removed the old concept of slow peers that is deprecated by other mechanisms already in the Tanium Client.
  • The Tanium Client now persists the ids of sensor statistics requests as not to respond repeatedly to the same request across client restarts.
  • The Tanium Client's subsystem in charge of download requests now cleans its file buffer cache periodically to reduce the number of file descriptors it keeps open.
  • The Tanium Client will now run with a question_check_diffs_seconds=60 default.
  • The Tanium Client will now restore the environment of its sensor evaluation process instead of restarting it if a sensor execution has modified it.
  • Tanium Clients will now re-evaluate sensors when checking actions for targeting criteria.
  • Implements the cleaning of expired action logs in the new Tanium Client.
  • Implements the cleaning of expired action folders in the new Tanium Client.
  • Implements the cleanup of expired actions from the Tanium Client's actions.db database.
  • Implements referential integrity cascaded deletions on in action.db for stopped actions.
  • Tanium Platform components now ship with xz v5.2.9 compression libraries.
  • Enables the tracking of encryption key ids in the management of Tanium Client databases when StateProtectedFlag is enabled.
  • Tanium Platform components now ship with TBB v2021.7.
  • Improves the performance of TLS session ticket verification in all Tanium Platform components.
  • Implements faster client to server re-connections when there are pending downloads waiting completion.
  • Implements WAL-mode operation for the platform's pki.db database.
  • The Tanium Client installer on Windows will no longer remove and add again the Tanium Client service unless deemed necessary. It will just replace the service's binary instead.
  • Improves the performance and resource utilization of PKI operations by not re-verifying certificate chains immediately after they are issued.
  • Implements WAL-mode operation for the platform's config.db database.
  • Implements periodic save and cleanup operations on the Tanium Client's SQLite databases.
  • The Tanium Client now uses a timed, periodic enforcement of its StateProtectedFlag instead of doing this on every settings update event.
  • The Tanium Client will now execute its downloads database maintenance cleanup every hour instead of every ten minutes. This interval can be controlled using the CleanDownloadDBInterval client setting expressed in seconds.
  • Avoids a sensor cache lookup in the Tanium Client when resolving hashes in preparing question results.
  • The Tanium Client will now log "No valid servers are configured" if its ServerName and ServerNameList settings are not configured.
  • The Tanium Client will now not fail to start if it cannot access Powershell on its running endpoint. It will simply log "PowerShell not accessible" and continue to run without it. This may render content and solutions unusable but the client will not stop.
  • Receives incoming messages for the Tanium Client from the CX framework subsystem and honors any restart requests received.
  • The Tanium Client will no longer perform an epoch reset when DatabaseEpoch changes from an empty or missing value to an actual epoch value. This prevents performing a reset on first install.
  • The Tanium Client will promptly refresh the return value for the Action Statuses sensor whenever an action is completed. This speeds up action status reporting on the Tanium Console.
  • Improves Tanium Client question processing by not emitting changing results when the changed data is omitted through a select filter. This is an optimization aimed at questions like: Get Action Statuses starts with 27477 from all machines.
  • Implements support for diskless mailbox execution for Visual Basic script sensors in the Tanium Client.
  • Implements support for diskless mailbox execution for shell-script sensors in the Tanium Client.
  • The Tanium Client will now return a maximum of 10,000 result rows as controlled by the SensorMaxResultRowCount client configuration setting.
  • Client download API requests now copy files into a .tmpcopy sub-folder on the destination path, to avoid the requesting agent to detect partially downloaded files.
  • Honors the Tanium Client MessageBufferByteLimit setting.
  • Improves the Tanium Client logging of the failure conditions for HTTP downloads.
  • Adds logging to the ClientAPIFileCopy subsystem in the Tanium Client to allow for easier troubleshooting.
  • Fixes a problem in the Tanium Client for AIX to detect when AIXSetLibPaths setup would fail on startup, resulting in the error: module libcrypto.so could not be loaded.
  • Reduces the memory utilization on the Tanium Client by clearing its question cache after it is persisted to disk.
  • Implements additional logging around sensor evaluation in the Tanium Client at higher LogVerbosityLevel>60 settings.
  • Raises the LogVerbosityLevel at which the Tanium Client issues "Sensors failed verification" in order to reduce log spam.
  • Improves the performance and memory footprint of the Tanium Client by making use of better SQL queries to load its initial state.
  • Implements WAL operation mode on the Tanium Client's manual_groups and url_requests databases, which reduces the amount of filesystem activity.
  • Ensures that the Tanium Client internal sensor cache keeps synchronized with the verifiable contents of its sensor database.
  • The Tanium Client will now compress large question result reports as controlled by its EnableReportCompression and ReportCompressionThreshold which defaults to 1,024 bytes.
  • Adds additional logging for the state of downloads requested through the Tanium Client API.
  • Changes the tanium_sensor_runtime_seconds metric in the Tanium Client to be presented as a histogram instead of a counter, offering more granular insights into these measures.
  • Adds logging to the Tanium Client around start and stop operations over the CX execution framework.
  • Adds logging of incorrect SOAP sessions to the Tanium Client API when the value is provided in the message body, as is done when presented as a request header.
  • Tanium Platform components now ship with SQLite v3.42.0.
  • Reduces log spamming in the Tanium Client on a disabled or unavailable client extension framework.
  • Ensures that old expired and revoked certificates are cleaned up from the pki.db database.
  • Makes the TaniumExtractor tool more resilient to errors as to allow it to continue processing whenever possible.
  • Adds support for incoming HTTP2 connections initiated with prior knowledge and an correct connection preface.
  • The Tanium Client offers better handling of long timeouts when communicating with its client extension components, which could happen during endpoint sleep cycles.
  • Improves the error handling and resilience of the communications between the Tanium Client and the client extension framework when receiving oversized messages through. their communications channel.
  • The Tanium Client will now send verbatim sensor result values if their length is shorter than that of the hash that would be used to represent the value itself.
  • Ensures that URL to chunk mappings known to the Tanium Client are not just saved periodically but also on shutdown to avoid any loss of data.
  • The Tanium Client now reduces ReflectionConnectMaxRetryInSeconds down to sixty seconds instead of five minutes to make its back-off interval shorter, and also resets its back-off interval after achieving a connection to a server, even if the connection does not close cleanly. This allows endpoints to be more resilient in their attempts to secure a server connection under adverse network conditions.
  • Improved the coordination between the Tanium Client and the extension execution framework startup and shutdown, which also fixes the unexpected log message "Couldn't get version of TaniumCX" when stopping the client.
  • Tanium Platform components now use Curl v8.5.0 libraries.
  • Upgrades Tanium components to use JsonCpp v1.9.5.
  • Changes the behavior of ranked-selection of servers in the Tanium Client, where now in a setting like "ServerNameList: 1_TSa,1_TSb,2_ZSa,2_ZSb,ZSc", TSa and TSb will still be given priority over ZSa and ZSb and the non-prefixed ZSc entry will have the lowest priority.
  • Renames the OpenSSL v3 libraries in the AIX Tanium Client to libssl-3.so and libcrypto-3.so to allow having both v1 and v3 libraries to be deployed.
  • Reduces the number of places where SHA hashes of keys are calculated by using their previously calculated fingerprints instead, improving code efficiency and performance.
  • Adds TLS Client Authentication and Server Authentication extended key usage values to all certificates generated.
  • Tanium components now disable SHA-1 and SHA-224 signature schemes in the TLS protocol.
  • These Platform components now ship with SQLite v3.45.1.
  • Tanium Platform components now ship with OpenSSL v1.0.2zj.
  • The Tanium Client will now report back partial data when a sensor result it too large.
  • Platform components are now built with libExpat v2.6.0.
  • Tanium components now ship with OpenSSL v3.2.1 and v3.0.9 when using FIPS support.
  • Reduces the access rights requested by Tanium installers on Windows in order to minimize failures due to hardening on the operating system.

Bug Fixes

  • Fixed a condition on the Tanium Client where setting local configuration values with the same name but different case would result in the error InvalidParentKey and break the TaniumClient config command line option.
  • Fixed an issue in the Tanium Client in interpreting Package file download network messages where it would sometimes log assertion 'hash.size() > 0 && hash.size() <= kMaxHashSize' failed when requesting a client API download and running with LogVerbosityLevel=41 or higher.
  • Fixes an OpenSSL random number generator initialization problem that would result in the error "SSLEAY_RAND_BYTES:PRNG not seeded" which is innocuous but should not happen anymore.
  • Fixed a bug where the install log on the Tanium Client will continually add a new log every time a client is installed/upgraded. This is resolved by adding install-backup-[date].log rotation.
  • The Tanium Client will now use database locks when applying StateProtectedFlag configurations, to avoid conflicts while applying the implied encryption of contents.
  • Fixes a bug where if the Client Extension (CX) or TaniumClient process dies and there is a partially written CX message, the CX connection fails until the TaniumClient service is restarted. This supports the CX Sensor improvement initiative.
  • Fixes a bug where a Client Extension sensor request will hang if the TaniumClient -c process is restarted. This supports the CX Sensor improvement initiative.
  • Fixes a bug where a Client Extension sensor request will hang if a response is dropped. This supports the CX Sensor improvement initiative.
  • Fixes an issue where the Tanium Client may not rotate log files correctly.
  • Revised a memory configuration to increase performance while accessing sqlite databases on the Tanium Client.
  • Fixes a problem where the Tanium Client would fail to execute Python code with the log message "not enclosed in Tanium Client folder" when the downloads folder is relocated.
  • Eliminates trimming from registry MULTI_SZ values to preserve data where whitespace is significant.
  • Fixes an issue in the Tanium Client where cleaning of action logs and folders would not honor the CleanActionLogsIntervalInDays global setting.
  • Fixes the mode settings on the Tanium Client's taniumclient.service file to avoid the error message: Configuration file taniumclient.service is marked executable.
  • Fixes an omission in the Tanium Client where Windows COM errors were not properly encoded as UTF-8 strings.
  • Fixes a problem where the Tanium Client would not honor a properly set ValidateAllLibrarySignatures=0 in its CX execution framework.
  • Fixes an issue in the removal of expired PKI keys in the Tanium Client which would show as repeating duplicate "Erasing expired key" messages in pki.log.
  • Fixes a condition where internal sensors could stall question results on MacOS Tanium Clients.
  • Ensures that built-in reserved sensors honor their configured maxAge setting.
  • Fixes the operation of the ActionFolderRetentionMinutes setting on the Tanium Client to keep action folders for this period of time, as long as disk space on the endpoint does not fall below minimum levels.
  • Reduces the logging of the SQLite "Failed to reset statement" message which is neither significant nor important.
  • Fixes the handling of legitimate h2c connection closures.
  • Fixes an issue with the Tanium Client where it may log "assertion '!m_resetRequired && !m_challengeRequired' failed" and then stop right after completing a server challenge.
  • Fixes a timing condition in the Tanium Client which would make it wait for longer than necessary when stopping the CX execution framework, giving the impression that they system was idling unnecessarily.
  • Fixes an error in the instrumentation of the Tanium Client which would prevent the client from starting with the message: Metric result_retries_received already registered.
  • Fixes a behavior in the Tanium Client by which it would always deliver its sensor statistics information to its reporting server instead of forwarding them to its connected peer.
  • Modified the output of the TaniumClient quarantine list command to match that of legacy versions, because there exist content sensors and packages that depend on the format of this output.
  • Introduces controls on the Tanium Client to determine the structure and content of string hash reports.
  • Fixes a condition in the Tanium Client where it would incorrectly send a throttle control command which would risk breaking its established connections.
  • Fixes an issue in the way the Tanium Client services sensor evaluation requests from the client extension framework, where it would return a "Sensor not found" failure during sensor synchronization operations. The Tanium Client will now enqueue these requests until the synchronization is completed.
  • Fixes an error condition in the state handling of outgoing HTTP connections from the Tanium Client which would produce the log error: assertion 'm_state == kStateEstablished' failed.
  • Fixes an issue in the initialization of Tanium Client throttles which would result in the log error: assertion 'm_count < kMaxThrottles' failed.
  • Fixes an omission in the Tanium Client mechanism which should stop its client extension framework which would cause the log error: assertion 'm_channel' failed while stopping or during a CX restart.
  • Fixes a problem in the Tanium Client when parsing proxy PAC file configurations referenced by ProxyAutoConfigAddress and which contain more than one PROXY entry definition, resulting in the logged message "Failed to parse proxy name. Too many colons" at LogVerbosity=41 and failing to select a proxy to communicate with a Tanium Server.
  • The Tanium Client now registers all temporary sensors requested for evaluation by the extensions subsystems and treats them in the same way as client-initiated evaluations, to avoid extension group failures that would be logged with "Group evaluation failed. Sensor not found. Skipping item".
  • Improves the Tanium Client logging in log-script-child.txt when a Python sensor is executed from a process which does not have the client as a parent process, stating "Sensor child process has invalid parent" which is something that happens in Kubernetes environments when using Intel binaries on Apple silicon.
  • Fixes an issue in the Tanium Client by where configurations without a ListenPort configuration setting would result in using the ProxyPort setting to listen on. This would mostly affect servers where the value of the proxy port in use could block other services from binding.
  • Fixes an omission in the latest client version where its download API did not report the percentage completion of the Downloading requests in progress.
  • Fixes an issue where the Tanium Client would attempt to validate the signature of library files no longer available in the system, like OpenSSL v1, and cause failures to start.
  • Fixes a problem in the Tanium Client by which it would not honor its ClientCacheLimitInMB setting and only allocate 100MB of storage for its downloads chunk cache.
  • Adds a missing fips.so library to the Tanium Client installer for AIX.
  • Increases the size of the number of sensors allowed to queue for evaluation between the extensions subsystem and the Tanium Client, to avoid running into the condition indicated by the "[client.sensors] Error: Maximum write queue reached" error.
  • Fixes a dependency of Python v3.8 on SQL libraries which was missing and would result in the Tanium Client logging "sqlite3 - undefined symbol: sqlite3_errstr" and causing dependent operations like patching to fail on some Linux platforms.
  • Modified the handling of temporary sensor evaluations requested by the extensions subsystem to the Tanium Client, to avoid an elevated number of requests observed.
  • The Tanium Server implements the setting PeerReceiveTimeout2=30 for v7.6 clients and above, while keeping PeerReceiveTimeout=10 for the benefit of v7.2 clients which depend on peer keep-alive messages based on this shorter duration.
  • Fixes an issue in the Tanium Client where it would not update its known IP address when switching from one network to another, displaying its old address in client status and failing to update its own detected configuration settings.
  • Older OpenSSL1 binaries are no longer saved in the Tanium Client Backup directory on client upgrade.
  • Fixes an issue in the serialization of temporary sensor evaluation requests made by the extension framework to the Tanium Client. This issue could cause negative targeting errors for systems like Endpoint Configuration.
  • Adjusts the treatment of TLS v1.3 which are expected to be single-use and would cause extra handshakes and tickets created when not managed correctly.

Known Issues and Workarounds

  • N/A.

Product Documentation and Resources