Skip to main content

Netskope Help

Fixed Issues In Release 101.0.0

Here is the list of fixed issues in this release.

Issue Number

Category

Description

206530

API Data Protection

Fixed an issue in retroactive scan for Microsoft Office 365 OneDrive for Business where the API Data Protection missed triggering a policy for files within a folder.

221773

API Data Protection

Fixed an issue for Microsoft Office 365 Teams where Teams was not seen in the UI when filtered with an external user.

228804

API Data Protection

Fixed an issue where a retroactive scan got stuck if the creator of a batch of files was suspended. This issue was observed in Box app.

223898

API Data Protection

Fixed an issue where CASB-API audit events were incorrectly marked as “Netskope Activity” when inline traffic to the SaaS destination was redirected from Netskope dataplane POPs. This issue was observed in Box app.

217500

API Data Protection

Fixed an issue which caused retroactive scans to continue processing a SharePoint site document library despite being excluded from the policy definition. This issue was obsered in Microsoft Office 365 SharePoint Sites.

225215

API Data Protection

If there are multiple attachments with the same name and downloaded through our webUI, the duplicate filenames will be prefixed with random values. This issue was observed in Gmail.

221006, 215695

Behavior Analytics

Fixed an issue in Behavior Analytics policies where application Instance selection clears when a different Scan Type value is selected.

196923

CASB Real-time Protection

Netskope fixed an issue where Download activity was bypassed and not detected.Connector changes were done in order to avoid false positives.

222834

CASB Real-time Protection

Fixed an issue by updating logic for Instance ID extraction in ODFB excel.

223615

CASB Real-time Protection

This fix improved the Instance ID and "from_user" extraction for Microsoft Outlook.

205350

CASB Real-time Protection

Fixed a network location issue where the IP range was not working as expected.

207843

CASB Real-time Protection

Fixed an issue where maxconn value of 2048 was causing connection failures in the authservicelb. The maxconn value is now updated to 8192 which is the value for maximum connections that authservicelb allows to authservice.

221682

CASB Real-time Protection

A URL access issue where special character failed parsing was fixed by incorporating the special character checks for log-in to SAML > ForwardProxy.

228871

CASB Real-time Protection

MS Outlook introduced a new URL to fetch the download token, that is. "/service?action=GetAttachmentDownloadToken". The bug was introduced due to the new URL, and as a fix the new URL is added to the system.

222665

CASB Real-time Protection

Fixed an issue in O365 Native apps preventing them from getting blocked when both bypassMDM and SAML KVP is configured.

231953

CASB Real-time Protection

Fixed the existing extraction logic in Google Cloud Platform to provide accurate instance_ids for users.

224142, 224140

CASB Real-time Protection

Enhanced event detection code for creating a contact and multiple file download detection. Earlier the event was not detected as the traffic was getting changed.

209601

CASB Real-time Protection

Fixed an issue by adding a new resource to enhance efficiency for from_user extraction.

209936

CASB Real-time Protection

Netskope fixed an issue where from-user value was missing for some events by improving Instance ID extraction logic for Outlook Native.

220956

CASB Real-time Protection

Fixed an issue in Microsoft Power Apps where a file upload was undetected. Adding a new resource to support file uploads fixed the issue.

220445

CASB Real-time Protection

In this fix, Netskope added file_size for the Upload event. The following policies will not work in Upload Activity:

  • file-size block policy

  • alert policy

224862

CASB Real-time Protection

Fixed an issue by enhancing from_user extraction for attaching a file in mail.

202998

Cloud Confidence Index (CCI)

Netskope fixed an App Tagging failure due to synchronization issue where UI made consecutive calls. With this fix, only one call is made from UI to CCI service and rest of the services are updated on the backend asynchronously and the UI polls the service for the response.

225732

Data Protection

Fixed an issue with the Unlikely Matches Filter in which all but the last number in a single-column list of space-delimited numbers was rejected as invalid. For instance, it would only match the second line in the following example:

132 465 798

243 576 809

218687

Data Protection

WEB UI is now fixed to display correctly the advanced option selected as "Keywords" or "Regex" while creating or editing entity objects.

215991

Data Protection

An issue was fixed to select or deselect at least one file attribute which allows to create or modify the File profile.

228051

Data Protection

Increased DLP backend timeout from 50s to 90s for tenants with increase_dlp_timeout feature flag enabled.

227160

Data Protection

Fixed a regression issue with the DLP Entity validation framework which impacted only the previous release. It caused increased false positives with the Belgian National ID Number Entity, as well as any predefined or custom Entities that were configured with Luhn validation. Other validators remained unaffected.

193885

Data Protection

Netskope fixed an issue by adding validation for French INSEE numbers Entity. Earlier the French INSEE number Entity did not have a validation checksum which resulted in false positives.

225627

Data Protection

URL Lists now supports the domain and sub domain that starts or ends with underscore, but the top level domain (.com) does not allow underscore. For example, _rd-dep_._sample_.com.

221824

Data Protection

Fixed an issue where Web UI failed to render forensic preview, if the forensic data size was greater than 10 MB.

222620

DNS Security

With this fix Cloud Firewall applied the default policy rule on the first packet for all the UDP traffic if no explicit policy rule was matched. This avoids any kind of UDP packet leak that was present before.

221660

Incident Management (IM)

Forensics Files generated by DLP scans and saved to OneDrive and SharePoint, no longer generates DLP incidents of their own.

208021

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue by avoiding policy lookup for achecker URLs.

210254

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue where the Telemetry App Policy Lookup feature was enabled and a transaction had a cloud application associated with both the Host and Referer URLs, CCL policies were evaluated for both applications.

This caused unexpected behavior as any associated application event or alert contained the CCL of the Referer only, but the transaction might match a CCL policy based on the CCL of the Host application instead.

With this fix, only the Referer application will be used for CCL policy evaluation. If a cloud application is associated with both the Host and Referer URLs there is no change in behavior when the Telemetry App Policy Lookup feature is disabled.

212626

Netskope Secure Web Gateway (NG SWG)

Fixed an issue where in devices page of the site azureiotcentral.com was not loading when tss-scan-v3 was enabled.

156477

Netskope Secure Web Gateway (NG SWG)

Netskope features a foreground/background detection system which when applied to web traffic enables block alerts for a webpage to be shown only on the main page.

Traffic for all native apps that do not have an app-specific connector are subjected to this detection logic. The background detection logic takes into account the response headers sent back from the server, while the response never reaches the user. This might result in a potential information leakage due to the user's request being fully transmitted to the destination server.

To fix this issue, a "native_app_access_notification" feature flag was introduced. Which when enabled causes the traffic to be classified as background traffic therefore bypassing the foreground or background detection logic. Enabling this feature, is subject to all native app traffic evaluation resulting in higher rates of user-facing notification pop-ups.

220068

Netskope Secure Web Gateway (NG SWG)

Netskope matched the encoding format HTTP response body sent to Client with the one received from server.

206541

Netskope Secure Web Gateway (NG SWG)

Fixed an issue by creating category based block policy which now displays alert with correct justification usage or false positives.

222710

Netskope Secure Web Gateway (NG SWG)

Fixed an issue where a Page Event incorrectly indicated a page as isolated inspite of taking correct actions.

222073

Netskope Secure Web Gateway (NG SWG)

Fixed an issue where bypass Page Events were occasionally generated with Synthetic access method. These are internally generated connections and events that are not expected to be generated for these types of connections.

226528

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue where certain POST requests of type form-data was not working when DLP rules where enabled.

228171

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue where custom URL category was temporarily missing during custom URL Lists or custom category update.

177723

Netskope Secure Web Gateway (NG SWG)

Fixed an issue where the names of renamed user groups were not displayed in the Real-time Protection policy detail view.

180546

Netskope Secure Web Gateway (NG SWG)

An issue where user was unable to click and edit on a policy even when other related data was loading and the issue was fixed by optimizing policy table.

218755

Netskope Secure Web Gateway (NG SWG)

Fixed a bug where earlier a user from an older customer clicked edit and no tunnel option popped.

229655

Netskope Private Access (NPA)

Prior to restarting NPA service, Netskope Client checks and factors in all conditions such as, user disable, admin disable, on-prem status, and so on.

217624

Netskope Private Access (NPA)

Fixed an issue to display appropriate error message  if the user has access to more application hosts than permitted with the "host limit".

221563

Platform Services

If Role has manage and apply permission for App Definitions then New Certificate Pinned App is disabled. A workaround is to create a role which has manage permission for App Definitions.

221540

Remote Browser Isolation (RBI)

Fixed an RBAC V1 issue with view only permission, where the user could not see the list of RBI template names for filterRBITemplate and it was throwing a Permission denied message in Skope IT pages. The RBAC V1 helper code has been updated to prevent the issue.

221749

Remote Browser Isolation (RBI)

Fixed an issue in Skope IT > Applications page and Users page where users were seeing an incorrect Filter by RBI template option.

209042

Remote Browser Isolation (RBI)

Netskope fixed a known issue where cookies generated in isolation were not stored by default in the end user’s local browser when the "private navigation" was disabled in their RBI template. You can discard the workaround proposed in the previous release.

213114

Risk Insights

Fixed an issue where some information related to user agent was not extracted properly. The issue was resolved using the agent-parse library. The information is now parsed properly.

222441

Skope IT

Fixed an issue in Skope IT >Events > Application Events where content was hidden as the page cannot be scrolled.

206907

SaaS Security Posture Management (SSPM)

Fixed an issue where muting all the SSPM raw findings failed. This issue was observed in Netskope SaaS Security Posture Management's compliance dashboard.

203522

Traffic Steering

Fixed an issue where AirDrop was not working when the Client was enabled.

215837

Traffic Steering

Fixed an issue where traffic was not going through the tunnel for a macOS v13 virtual machine. Apple has fixed this with their recent beta Builds 13.1 22C65 and 13.2 22D5027D.

222401

Traffic Steering

Netskope fixed an issue where incorrect Windows OS version was displayed on the WebUI device page.

192513

Traffic Steering

Netskope Client respond to route changes only when the Netskope Tunnel IP and user IP are of same address family (v4 or v6).

206071

Traffic Steering

Netskope fixed the Windows Client agent service hang and timeout issue caused by internal lock mechanism.

222646

Traffic Steering

IoCreateDeviceSecure() is used to control access to the driver for every IOCTL. By using this with security descriptors, only system or admin processes are allowed to open a handle.

219888

Traffic Steering

Fixed a Client installer issue on domain joined Linux machine when login-formats is {domain}\{user_name}.

211384

Traffic Steering

With this release non-admin users are incapable to stop Windows Client service.

222645

Traffic Steering

If autoupgrade is disabled, remove any STAgent.msi package which is left in the programdata\netskope\stagent\data cache. Rename m_isInstallationHelperFlow to m_isSvcFlow and set it to true only for stAgentSvc service process.

208985

Traffic Steering

Fixed an issue that the macOS Client sometimes automatically is enabled under some circumstances.

209132

Traffic Steering

Legacy device classification component doesn't support multi cert, newer version will support this function. Netskope rolls out newly refactored service that include this feature.

211697

Traffic Steering

Netskope fixed an enrolment issue for Microsoft Teams on Android when ADFS was configured.

219886

Traffic Steering

Fixed an OpenDevice issue on IPv4 only device. With this fix, IPv6 was enabled by default on all Linux distros.

224893

Traffic Steering

Fixed a crash issue that occurred while handling log message.

224832

Traffic Steering

Fixed an issue that existing bypass TCP connection was blocked when failClose was activated on tunnel disconnection.

223954

Traffic Steering

Fixed a bypass-by-tunnel issue when app domain and tunnel domain was "*"  in certificate pinned app exception.

209646

Traffic Steering

Netskope fixed a fail close not working issue for un-provisioned user under multiple user mode on Windows.

226299

Traffic Steering

Client enforcement fails due to invalid ELF header, the root cause is that libxmljs ARM version library in Enforcer is incompatible with prod server intel CPU. The libxmljs Intel version is redeployed to repair Client enforcement.

228009

Traffic Steering

Fixed a log rotation issue when the log size was greater than 25 MB.

225979

Traffic Steering

Fixed an issue where Netskope certificate cannot be imported into Firefox certificate store when self-protection was enabled on Windows.

228523

Traffic Steering

The traffic to that destination exception should be bypassed locally, when an exception is marked as Treat like local IP.

228693

Traffic Steering

Netskope fixed an fail close mode failure issue by fixing the process crash so fail close can block all internet access.

229981

Traffic Steering

Fixed an issue where Client cross process connection on some Windows machine failed between UI and service after waking up from sleep.

228009

Traffic Steering

Netskope fixed an issue where Client notifications were not working in Explicit Proxy over IPSec or GRE Tunnels mode.

228523

Traffic Steering

The traffic to that destination exception should be bypassed locally, when an exception is marked as "Treat like local IP".

228693

Traffic Steering

Netskope fixed an fail close mode failure issue by fixing the process crash so fail close can block all internet access.

224443

Traffic Steering

Netskope fixed an issue to improve WebUI performance for Search OU/Group from Client Configuration was improved.

229981

Traffic Steering

Fixed an issue where Client cross process connection on some Windows machine failed between UI and service after waking up from sleep.

230229

Traffic Steering

Netskope fixed an issue where Client notifications were not working in Explicit Proxy over IPSec or GRE Tunnels mode.

179238

Traffic Steering

An issue where client package cannot be downloaded through IDP authentication is fixed now.

230341

Traffic Steering

Fixed a UDP data handling issue which caused tunnel to disconnect from Netskope Client for Mac users. This was observed when Cloud Firewall mode was enabled.

221336

Traffic Steering

The Steering Exception added by user should retain when User switches from Cloud App to Web Traffic, Web Traffic to All Traffic, and All Traffic to Cloud App or vice-versa.

224209 , 223752

Traffic Steering

Fixed an issue where server returned error response when trying to fetch user groups, and database that has large user groups dataset for example, around or above 1 million records.

219492

UI Platform

Fixed a drag and drop control issue by providing a workaround of refreshing browser and then dragging and dropping.