Version 11.1.10011.0

• Fixed: Security vulnerability CVE-2024-11859
• Fixed: A problem where the modification of Base64 encoded mail body in html format resulted into corrupted mail message
• Fixed: A problem where every 256th email was missing in the quarantine report

Version 11.1.10008.0

• New: Mail quarantine integration with ESET PROTECT On-Prem
• New: Quarantine reports can now be set up for administrators outside of the domain
• New: Support for On-demand Vulnerability scan for Vulnerability and Patch Management
• New: Vulnerability and Patch Management logging capability both locally and reporting to ESET
• New: Authenticated received chain verification support
• New: New macros available to use with rule "Send mail notification"
• New: RDP Access restriction feature
• Improved: Modification of body of Base64 encoded emails
• Improved: Brute force attack protection was extended to cover MS SQL and MySQL protocols
• Improved: Various Override mode modifications for better security and user experience
• Improved: Support for URL analysis in document-reference headers
• Improved: Macros available for rules are now more unified and with better explanation
• Improved: Performance improvements of agent priority setting both in GUI and ESET Shell
• Improved: Local mailbox counting in domains with multiple sub-domains
• Changed: ESET Mail Security now uses the Replay directory instead of Pickup directory on the Exchange Server to send internal notifications and reports
• Changed: Emails sent to journaling mailboxes will not be quarantined
• Changed: "Report a phishing site" was moved to setup/server for improved usability
• Fixed: Incorrect display of sender's IP address in SMTP protection logs
• Fixed: Modification of subject of phishing messages now works when detected during the on-demand scan

Version 11.0.10010.0

• Fixed: Security vulnerability CVE-2024-11859

Version 11.0.10008.0

• Improved: Added fallback to default on-demand scan account for error handling and compatibility with public folders. 
• Improved: An error record is now available in the Events log indicating the user provided invalid credentials for the elevated permissions account. 
• Fixed: A known issue with Vulnerability and Patch Management, where the vulnerability scan was unable to list Server OS vulnerabilities.
• Fixed: A problem where a not supported restart-related setting was displayed in the policy for the Vulnerability and Patch Management for ESET Mail Security. 
• Fixed: A problem where the policy-locked settings were displayed as inactive in the GUI. 
• Fixed: A problem where the header of the network protection log was not displayed.
• Fixed: An issue where Windows Updates were not being displayed in the GUI or in ESET PROTECT on systems older than Windows 10 RS4.
• Fixed: Security vulnerability CVE-2024-3779

Version 11.0.10005.0

• New: Microsoft 365 On-demand scan refactored to use Graph API to prepare for discontinuation of EWS
• New: Protection statistics reports now contain information about detected file types and file extensions
• New: Protection statistics reports can now be sent in .csv
• New: Administrator can now release the quarantined mail to the desired mailboxes only
• New: Homoglyphs are now being evaluated for phishing detection
• New: Notifications for triggered email rules can now be sent to the original recipients
• New: Vulnerability & Patch Management support
• New: ESET PROTECT Hub Support
• New: In-product support state informing according to End-of-life policy
• New: Extended generation of Automatic Exclusions with the use of arbitrary credentials
• New: ESET Shell can now export data to .csv
• Improved: Rules now contain separate filters for .vsd and .vsdx
• Improved: Various improvements on DKIM signing workflow design
• Improved: ESET Shell now supports creation of scheduler tasks for protection statistics reports
• Improved: Quarantine report can be now password protected
• Improved: Optimized loading of mailboxes and public folders for on-demand scan in environments with large AD
• Improved: IPs and URLs in Quarantine reports are now obfuscated to avoid further detection
• Improved: Document-Reference headers checked by anti-phishing protection
• Improved: ESET Cluster wizard now informs about the result of product activation on individual nodes
• Improved: Imported configuration from cluster node (within synchronization) will have the cluster as source in the audit log
• Changed: Documents are now sent for analysis by default after enabling of ESET LiveGuard Advanced
• Changed: Cluster menu option has been moved from “Tools” to "Setup/Server" section
• Fixed: A problem with DKIM signing due to case-sensitive comparison of domains
• Fixed: A problem where an expired session of web quarantine returned error 403 instead of the login screen
• Fixed: Support for the new structure of anti-spam lists in ESET Shell
• Fixed A problem where a status message “Updates are available” could not be dismissed
• Fixed: A problem where execution of signed batch file through ESET Shell was not working properly
• Removed: Support of Microsoft Windows Server 2012-based operating systems (NT 6.2)