Release Notes
Improvements
- Wildcard support in process authorisation rules — Matching arguments on execute process rules now supports wildcard (`*`) patterns. Arguments are also no longer case-sensitive. Additionally, resolved an issue where spaces in comma-separated values (e.g. "value1, value2") were not being trimmed correctly.
- Secondary account validation — Improved checks for valid user account state when using the temporary secondary account. If an invalid account state is detected, Elevate24 will automatically remove and re-create the user account.
- Demotion safety check — Before demoting accounts found in the admin group, Elevate24 now verifies that the user account actually exists on the device.
- Password policy compliance for secondary accounts — Added additional steps during password creation for the secondary admin account to verify the generated password meets any password policy deployed to the device via MDM. This is handled automatically and requires no additional configuration.
- Security monitoring log formatting — Fixed an issue with the formatting of security logs when used with the `siemUploadURL` preference key.
- Event log upload reliability — Fixed an issue where some event logs were not uploaded correctly.
- System extension installation reliability — Improved the extension installation process to resolve a rare issue where the extension could become stuck during an update.
New Features
Important: If you are using the `siemUploadURL` key on `com.jigsaw24.Elevate24SecurityExtension`, please verify that logs are uploading to your SIEM correctly before deploying this update across your estate.
Elevation and demotion scripts
Elevate24 now supports running custom scripts on elevation and demotion events. The username of the account being elevated or demoted is passed as the second argument ($1) to the script.
Note: This feature requires the system extension to be enabled (`UseSystemExtension` set to `true`).
Configuration keys
| Key | Type | Description |
|---|---|---|
| `ElevateScriptPath` | String | Path to the script to run on elevation. |
| `ElevateScriptHash` | String | (Optional) SHA256 hash of the elevation script for integrity verification. |
| `DemoteScriptPath` | String | Path to the script to run on demotion. |
| `DemoteScriptHash` | String | (Optional) SHA256 hash of the demotion script for integrity verification. |
| `AllowUserDefinedScripts` | Boolean | Allow the user to define their own script locations. If both admin-defined and user-defined scripts are configured, both will execute. |
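
A pre-deployment check for the script keys above, as an added example that is not part of Elevate24 or these release notes. It assumes the hash keys take the hex SHA-256 digest of the script file; the function names, the case-insensitive comparison, and the ownership and permission checks are this example's own hardening, not documented product behaviour.

```shell
#!/bin/sh
# Added example, not Elevate24 code. Assumption: ElevateScriptHash and
# DemoteScriptHash hold the hex SHA-256 digest of the script file's bytes.

# Print the hex SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | awk '{print $1}'
    else
        shasum -a 256 < "$1" | awk '{print $1}'
    fi
}

# check_script PATH EXPECTED_HASH [OWNER]
# Returns 0 only if PATH is a regular file (not a symlink), owned by OWNER
# (default root), not writable by group or others, and its digest matches.
# The ownership and permission checks are hardening chosen for this example.
check_script() {
    path=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')  # compare case-insensitively
    owner=${3:-root}

    if [ -L "$path" ] || [ ! -f "$path" ]; then
        echo "FAIL: $path is missing, a symlink, or not a regular file" >&2
        return 1
    fi
    if [ -z "$(find "$path" -prune -user "$owner" -print)" ]; then
        echo "FAIL: $path is not owned by $owner" >&2
        return 1
    fi
    if [ -n "$(find "$path" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "FAIL: $path is writable by group or others" >&2
        return 1
    fi
    actual=$(sha256_of "$path")
    if [ "$actual" != "$expected" ]; then
        echo "FAIL: digest $actual does not match the configured hash" >&2
        return 1
    fi
    echo "OK: $path $actual"
}
```

`sha256_of` prints the digest to place in the hash key; `check_script` can then be run on a managed device to confirm the deployed file still matches and has not become writable by non-owners.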