Release Notes 6.9.0
The major release ACMP 6.9 is now available. Our goals for this release are better server load balancing, clearly defined maintenance windows, and targeted endpoint management.
ACMP maintenance windows
Client management without maintenance windows? Not with ACMP 6.9!
Client Management, maintenance profiles can now be created and maintenance windows can be set up as one-time or recurring events in a dedicated calendar view. Protect clients and servers from unintended changes and distribute the load to times when you want it.
If a maintenance profile is assigned to a client, jobs that could potentially change the system will only be executed if the client is within the maintenance window. This gives you complete flexibility: you can choose to ignore maintenance windows for selected jobs or have scanners that result in one or more system changes take maintenance windows into account.
The authorization to ignore maintenance windows can be controlled as usual via user management.
With the new start condition "Within maintenance windows," you can also ensure that jobs are always executed within a maintenance window.
Please note: Unlike the "Time window" start condition, there is no option to start execution at a random time. Therefore, if many clients are assigned the same maintenance profile, load peaks may occur.
This feature is currently supported by the Windows agent; the Unix agent will follow shortly with the next release.
For more information, please refer to the manual. [Link]
ACMP Boot Images & Boot Templates (OS Deployment)
Always just rolling out new Windows images? Surely there's more to it than that.
ACMP now offers the ability to boot custom boot images (e.g., Linux live distributions or rescue CDs) over the network. And with the new Wipe Boot Templates, Diskpart scripts can be rolled out centrally to format disks and partitions.
ACMP now compares the UUID of the clients for corresponding boot jobs in the Network Boot Service Broadcast. If a client does not send a UUID, the MAC address is still used to check whether corresponding boot jobs or Windows rollout jobs are available. Each selected endpoint can thus be clearly identified for upcoming jobs.
Existing boot images can now be updated directly in the console using a rebuild function to make any parameter adjustments quickly and easily available. Intuitive, automatic updates for images already stored in ACMP.
ACMP Client Management
Query management has been expanded and the filter can now be switched to Filter Control. This makes it easier to set filters more accurately, as is customary with other modules.
ACMP CAWUM
The automatic rejection of updates has been revised. There is now a new page in the settings where you can use the familiar filters to set more granular criteria for rejecting updates. All fields associated with an update are available within the filter. This allows you to filter by parts of the name, for example.
Within the Windows Update Collections, an advanced filter is now also available, which you can use – as with automatic rejection – to define more granularly which updates should be included in the collection and which should be excluded.
As part of the adjustments, third-party software catalogs were checked and (in the case of Lenovo) the catalogs incorrectly stored by the manufacturer were corrected.
ACMP Vulnerability Management
Vulnerability management has been adjusted in several areas. The deep scan has been expanded so that multiple elements belonging to a vulnerability can now be found.
A history is now created for each client for the vulnerabilities. It tracks when a vulnerability first occurred, when it was last found, and when it was closed. A recurrence of the vulnerability is also documented. An overview of all vulnerabilities, including a history, can be called up to check retrospectively whether previous vulnerabilities have been detected and remedied. Simple integration into a report is also possible.
It is still possible to exclude a vulnerability; each exclusion now requires a reason to be entered, which is documented with the user and date/time.
The vulnerability reports can now be edited and grouped in the familiar ACMP style, like a pivot table. In the corresponding views, multiple vulnerabilities can be selected to add them to a container. As the transaction continues, the Container Wizard dialog opens.
ACMP Azure Marketplace
ACMP is now available via the Azure Marketplace. The stored version is recommended for test environments.
ACMP Web Interface
The ACMP Helpdesk web interface has been redesigned to scale better with different screen resolutions. This requires a new installation of the Helpdesk. For more information, please refer to the manual.
ACMP Defender Management
Microsoft has made changes to ASR (Attack Surface Reduction) in the Security Baseline Update for Windows 11 25H2. ACMP offers the option to monitor or block the execution of such commands in accordance with this group policy.
Discontinuations
As part of product maintenance, the ACMP Command Launcher is being discontinued and will be removed in the next major release. If you are still using the ACMP Command Launcher, please migrate to the ACMP Kiosk before updating.
The Online Package Manager (OPM) has been replaced by the Managed Software (MSW) module in 6.0.0 and will be removed from the console with this release.
Note and further information
Our EULA had to be updated due to a change in the commercial register. We ask you to confirm this when installing the release.
The vulnerabilities in the previous OpenSSL version did not affect ACMP. To continue to provide our customers with the best possible protection, the OpenSSL version has been updated as a preventive measure.
Client commands with the status "removed from production" remain in the database. The ACMP server now has a cleanup job to clean up the database and delete these client command versions. In existing environments, this cleanup job must be activated manually.
Updated components
ACMP Server requires SQL Server 2016 for smooth operation. The compatibility level is now checked during installation to ensure that all components function properly.
Note: The manual lists all additional components that may need to be updated separately. From there, you can navigate to the appropriate components and find instructions on how to update them if you are unfamiliar with the process. Manual link
Changelog
Further details on the corrected and improved points can be found in our changelog .