BeyondTrust Discovery Agent 26.2.0.2433 release notes
This release is available by download from the BeyondTrust Client Portal.
🆕 New features
Improved Windows service enumeration by performing the enumeration in the remote agent
We enhanced Windows service discovery by performing enumeration within the remote agent, improving accuracy and providing a more complete view of services on target systems.
Removed duplicate services reported on a target when the service is found in multiple registry hives (x86, x64, default).
Eliminate duplicate service entries by consolidating services discovered across multiple registry hives (x86, x64, and default), delivering a cleaner and more accurate view of services on target systems.
Improved security by eliminating the need to pass credentials on remote agent commands by adding user impersonation to the remote agent at the session level.
We increased security by eliminating the need to pass credentials with remote agent commands. The remote agent now performs commands using session-level user impersonation, ensuring credentials are not exposed in transit or execution. This approach reduces the risk of credential leakage while maintaining secure, seamless access to target systems.
Added the discovery of database instances
We added discovery of database instances (no enumeration) even if no database credentials are provided. Supported databases are:
- Microsoft SQL Server
- Oracle
- MySQL
- MongoDB
- PostGRES
Sybase and Teradata are not supported
Added discovery of additional Remote Desktop programs
We added support for additional Remote Desktop programs. The list of supported programs is the following:
- Dameware/SolarWinds
- LogMeIn
- Symantec PCAnywhere
- TeamViewer
- VNC
Improve the user privilege enumeration to include privileges granted via group membership
We enhanced visibility into user privileges by expanding enumeration logic to include access granted through both direct assignments and group membership. The system now evaluates all applicable security groups and aggregates inherited privileges, providing a complete and accurate view of a user’s effective permissions.
Removed the .NET 4.5 remote agent service
The .NET 4.5 remote agent is removed. Instead, it deploys a .NET 8 version (with .NET if necessary) if possible.
Enforce administrator execution for Phoenix Client and Discovery Tool
There is improved security by requiring that the Phoenix.Client.exe file and BTDiscoveryCmd now need to be run as Administrator.
✨ Enhancements
There are no new enhancements in this release.
⛔ Known issues
- Windows PowerShell doesn't properly send the command line options for btdiscovery.cmd to the program. This command needs to be run in a standard windows command shell.
- There is an issue running the Discovery Agent with .NET Hosting 8.0.1. Either downgrade to 8.0.0 or upgrade to 8.0.2 or greater.
- Sybase authentication is not supported for IPv6.
- MySQL 9 on Linux enumeration is not supported at that time.
🛠️ Issues resolved
| Description | Resolution |
|---|---|
| The Reports > Account > Database User List report incorrectly returned database role names as database users. | The Database User List report now correctly displays only database users and no longer includes database role names in the results. |
📝 Requirements
- There is a product dependency on having the .NET 8 Hosting package installed.
- OAuth authorization is dependent on having BI version 24.2.0.
- The Central Policy message to retrieve all scheduled scans is dependent on BI version 24.3.0 and higher.
⚙️ Signatures
- The MD5 signature is: 69a5805a7989ae846146158d05957380
- The SHA-1 signature is: d4358cf48d36aac282d93f97ee44ac9f5c475859
- The SHA256 signature is: 2f73f49539d7b78be756671dfa982445c36643001e3c3635d9f96a502686c93c
⏰ Deprecation notice
- Support for SSH Session encryption using the SHA1 cipher is removed. SHA256 or higher should be used.
- Support for DSA encryption as an SSH authentication cipher has been removed.
- Support for Windows 8 and Server 2012 as a scanner host is no longer supported.
- Support for Windows Server 2016 as a scanner host is deprecated.
