Information about the IMPEX release 5.3.0

Release Type: General

Release date: 2025-05-09

The IMPEX 5.3.0 release

This release contains a few bug fixes, a new feature and also upgrades the underlying operating system to Sysctl Linux 41.

We have added an option to the unpack encrypted archive functionality; if enabled and a user extracts an encrypted archive at the Station, the Yara rules blocking encrypted files will skip that archive. The unpack archives was introduced in the 5.2 release, and this new option makes this feature work better with the Yara scanning rule for detecting encrypted zip files.

The Offline upgrade process has also been improved with better feedback to the user if something goes wrong when applying software or AV definition updates.

ICC changes

  • Add “Decrypted archives suppress Yara” configuration checkbox. If a user extracts an encrypted archive at the Station, the Yara rules blocking encrypted files will skip that archive. This makes it possible to block encrypted archives unless they are extracted and scanned.
  • Make sure X509 certificates added or updated always have the correct SELinux label

REPO changes

  • There was a timestamp comparison bug in the TrendMicro repo update script that could cause it to not update the AV definitions.
  • Make sure added and updates X509 certificates always have the correct SELinux label

USBProtect changes

  • Offline upgrades and signed bundle executions now show script output on failure which helps in support cases.
  • Do not block unpacked encrypted archives with enabled Yara rules if “Decrypted archives suppress Yara” is enabled in the configuration card.
  • A second fix for customers using the .local domains which caused interoperability problems with the new Sysctl Linux operating system. The earlier fix in 5.1.3 was not enough.
  • Added OS upgrade support to the Offline upgrade process
  • We switched USB drive partitioning tooling to one that is more Windows compatible according to our testing
  • The encrypted archive detection was changed to only look at files ending with .zip, .7z and .rar to avoid running on all files on a source device being inserted which sometimes could introduce quite a delay

Documentation

  • The station manual was updated with the encrypted zip unlock functionality released with 5.2.0

Information

Operating system packages

General packages updates

Online Documentation

Further details and configuration guidance are available in the official documentation:

https://sysctl.se/impex/documentation/

SBOM

Each ISO and VHD release has a software bill of materials (SBOM), to make introspection of the release easy to integrate with a number of security tools.

Update Instructions

For networked Impex stations this release will be automatically installed as part of the regular update process. No manual steps are required from administrators or users. The system will apply the update seamlessly in the background, ensuring that the latest fixes are in place without any interruption to normal operations.

For standalone Impex stations, your organisation need to download the update from portal.sysctl.se in accordance with the update instructions in chapter “USBProtect in offline mode” in the Impex USB Protect user manual.

Sysctl portal

https://portal.sysctl.se/

Documentation for offline patching

https://sysctl.se/impex/documentation/usb-protect-user-manual/#updates-and-patching

Sysctl rss/atom

https://sysctl.se/feed.xml