Change Log for the PAB

Use this article to stay up-to-date with changes to the PAB.

Note: Changes to the PAB may include new, updated, deprecated, or removed features. KnowBe4 reserves the right to terminate access to, use of, and support of features that are included as part of the Subscription Services, which is common with SaaS services as they are constantly changing and improving. This allows us to adapt to the evolving cybersecurity industry so we can provide current, high-quality services.

See the table below for a list of updates, with the latest updates displayed at the top.

Hybrid
Outlook
Gmail Add-On
Chrome
Microsoft 365
Exchange

Hybrid PAB Updates

Add-In Version Format: OA1.0 and OA2.0

Release Date	Description
12/11/2023	We've updated the PAB's architecture from Vue2 with Webpack 3 to Vanilla HTML, CSS, and Javascript with Webpack 5. This update resolves Webpack security issues, removes and replaces libraries that had vulnerabilities, and improves the UI design and text. The updated UI text now supports languages that read from right to left, like Hebrew, and it improves the PAB's accessibility and ADA compliance.
06/15/2023	We've added an integration for the Hybrid PAB and Microsoft Defender for Office 365! When the Enable Microsoft 365 Defender Integration setting is enabled in your KMSAT Account Settings, the PAB will send a copy of reported emails to Microsoft 365 Defender’s Submissions page for analysis. For more information, see our How to Integrate Microsoft Defender for Office 365 with the Phish Alert Button (PAB) article.
04/03/2023	We've released the Exclude original body text from reported emails feature, which allows you to send a copy of a reported email without body text. For more information, see our Phish Alert Button (PAB) Product Manual
03/14/2023	We've updated the User Comments and Disposition feature. Admins can now specify different email recipients based on the reported email's disposition. For more information, see our Phish Alert Button (PAB) Product Manual.
12/15/2022	We've updated the Hybrid PAB to support the user comments and email disposition features for Microsoft Exchange servers. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
11/30/2022	We've updated the Hybrid PAB so that when an email is sent out by the PAB, it will only have one attached EML file.
08/08/2022	We’ve improved the formatting of the email response message. When an email is reported, the email response message displays a simplified “NotificationDialog” URL in the pop-up window.
07/05/2022	We've improved the security of header validation. Now, the Hybrid PAB can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
12/16/2021	We've added a feature that allows your users to add comments and decide the disposition of an email. These features can be used together to give your security team a warning about suspicious emails and the types of threats the emails may pose. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
10/10/2021	We've released the Autofill Phishing Languages with PAB Locale feature. This feature allows the PAB to autofill your users' profiles with their preferred phishing language if that field is left blank. For more information, see our Phish Alert Button Product Manual and our Localization Guide.
09/13/2021	We've released an email forwarding feature, which allows emails to be forwarded to services that require email forwarding, such as Proofpoint. For more information, see our Phish Alert Button Product Manual.
09/09/2021	We've updated the Hybrid PAB to support the Canada KMSAT URL in the manifest files. This new update does not require existing Hybrid PAB users to reinstall the PAB.
06/16/2021	We've improved the MAPI Properties of MSG attachments. We've included bug fixes for the Forward email prefix, Send a test, and the Unicode character support for attachment filenames.
05/10/2021	We've released the Hybrid PAB for Microsoft 365. The Exchange server can automatically detect your users’ mail client and backend server to configure the best version of the PAB for their environment.

Outlook PAB Updates

Add-In Version Format: 1.1.x.x - 1.4.x.x (MSI) and 1.10.x.x (EXE)

Release Date	Version	Description
10/20/2023	1.10.8	We've updated the PAB for Outlook to support the integration with Microsoft Defender for Office 365! When the Enable Microsoft 365 Defender Integration setting is enabled in your KMSAT Account Settings, the PAB will send a copy of reported emails to Microsoft 365 Defender’s Submissions page for analysis. For more information, see our How to Integrate Microsoft Defender for Office 365 with the Phish Alert Button (PAB) article. We've also updated the PAB to support the Exclude original body text from reported emails feature, which allows you to send a copy of a reported email without body text. For more information, see our Phish Alert Button (PAB) Product Manual. We’ve implemented bug fixes for how the PAB responds to automatic updates, and how the PAB sends headers in EML attachments to PhishER. We've improved the installation process for the PAB so that a proxy server will successfully validate a license key. We've also improved the process for troubleshooting PAB errors.
04/18/2023	1.10.6	We've updated the User Comments and Disposition feature. Admins can now specify different email recipients based on the reported email's disposition. For more information, see our Phish Alert Button (PAB) Product Manual. We've also updated the .NET Framework from 4.5.1 to 4.7.2. We’ve implemented a bug fix to resolve an issue causing Outlook to disconnect from Microsoft Exchange or Microsoft 365 when certain conditions are met.
12/19/2022	1.10.4	We've updated the PAB for Outlook to support the user comments and email disposition features. These features can be used together to give your security team a warning about suspicious emails and the types of threats the emails may pose. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
11/11/2022	1.10.2	We've implemented minor bug fixes and updated the PAB to support instances of KMSAT.
08/22/2022	1.10.1	We’ve released an updated version of the PAB for Outlook, which will automatically update for existing users. We’ve reduced the size of the installer kit and reduced the length of time needed to start Outlook. We’ve also implemented a bug fix for downloading the PAB icon after it has been configured in your KMSAT Account Settings.
08/02/2022	1.10.2	We've improved the security of header validation. Now, the PAB for Outlook can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
07/19/2022	1.10.2	We've released the EXE version of the PAB for Outlook. This version of the PAB uses an EXE file instead of an MSI file and supports automatic updates. For more information, see our Outlook (EXE Version) Phish Alert Button Product Manual.
03/07/2022	1.1.17 and older	Starting July 1st, 2022, we will no longer support versions of the PAB older than version 1.2.30 that use TLS 1.0. For more information, see our End of Support for Phish Alert Buttons Using TLS 1.0 article.
08/10/2021	1.4.85	We've update the PAB for Outlook to allow it to communicate with the Canada instance upon installation. We've updated some core libraries that were responsible for generating .eml files. We've enabled a debugging option that allows the PAB for Outlook to generate multiple formats for attachment files. For more information, see our How to Enable PAB's Debug Mode article. We've implemented a minor bug fix for how the PAB consumes and parses the KMSAT server's responses.
04/14/2021	1.4.68	We've updated the PAB for Outlook to allow PAB for Outlook to be installed without network connection or using a network incapable account to install. If the PAB for Outlook is installed or uninstalled without a network connection, it will not be able to increment or decrement the installed devices count. We've updated the PAB for Outlook so that when an email is sent out by the PAB, it will only have one attached EML file. The email content will no longer contain inline images.
08/24/2020	1.4.58	We've updated the PAB for Outlook to support Outlook 2010 and later. We have also removed the .NET4.0 requirement from our installation process.
05/18/2020	1.4.48	We've updated the PAB for Outlook to include a security update.
05/18/2020	1.4.42	We've updated the PAB for Outlook to support the new email forwarding feature. If no forwarding email addresses are set in the PAB configurations but want copies of emails to be sent to KnowBe4, the KnowBe4 email address is used as a To - recipient. We've updated the PAB for Outlook to change the source.eml file to phish_alert_sp2_2.0.0.0.eml for Microsoft 365 PAB users. We will be using this naming convention from now on, as it allows PhishER to identify PAB emails and provide better support. In the installer, we've implemented minor bug fixes for the PAB icon appearing pixelated or not displaying as expected. These fixes also correct a problem during remote installation with LANDESK. We've updated the EV certificate to now expire in two years. We've improved the overall user experience and integration with Microsoft Outlook. We've improved the PAB for Outlook to use the 64bit version of a support library when it is installed on a system running 64bit-Microsoft Outlook on 64bit Windows.
04/21/2020	N/A	We've implemented minor bug fixes and process improvements to support the PAB for Outlook on Windows 10 machines.
05/07/2019	1.3.98	We've updated the PAB for Outlook to support future PAB features.
11/09/2018	1.2.45	We've fixed a Hash Error message on some versions of Outlook.
10/25/2018	1.2.36	We've fixed an uncommon error with signature enforcement.
08/16/2018	1.2.30	We've fixed the issue of TLS 1.0/1.1 being disabled.
08/02/2018	1.2.29	We've fixed the issue of the PAB for Outlook appearing twice in the drop-down for Outlook 2010. We've fixed log files for users of the PAB for Outlook. Log files will be located in C:\Users<username>\AppData\Roaming\KnowBe4\Phish Alert.
03/13/2018	1.1.17	We've fixed the ADX Loader - Error code: 0x80131022 error.
01/17/2018	1.1.16	We've fixed a Failed to parse response error and an uncommon error where the PAB is unclickable.
09/29/2017	1.1.11	We've fixed the issue of the Outlook Ribbon disappearing.
02/03/2017	1.1.9	We've updated some of the libraries we use for the PAB for Outlook to the current versions.
11/07/2016	1.1.7	We've included a bug fix to support scaled fonts. This is for high-resolution devices, such as the Microsoft Surface, that have font scaling. We've added support for a debug log.
10/20/2016	1.1.6	Now, some of the PAB DLLs have been signed so there are no more security warnings in tight security environments.

Note: Updates to the Outlook PAB are delivered automatically, and your version number will change with the automatic updates.

Gmail Add-On PAB Updates

Add-In Version Format : GA1.x.x

Release Date	Description
03/14/2023	We've updated the User Comments and Disposition feature. Admins can now specify different email recipients based on the reported email's disposition. For more information, see our Phish Alert Button (PAB) Product Manual.
09/21/2022	We've updated the Gmail Add-on PAB to support the user comments and email disposition features. These features can be used together to give your security team a warning about suspicious emails and the types of threats the emails may pose. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
07/19/2022	We've added support for email forwarding from the Gmail Add-on PAB. We've improved the security of header validation. Now, the Gmail Add-on PAB can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
04/08/2022	We've released our new automatic activation feature for the Gmail Add-on PAB. With this features, users will no longer need to manually activate their PAB with a license key, and Magic Mail will not be required for users. For more information, see our How to Use Automatic Activation for the Gmail Add-on Phish Alert Button (PAB) article.
09/09/2021	We've updated the Gmail Add-on PAB to migrate the code from using a Contacts API to People API. For more information, see Google's Contacts API Migration Guide article. We've updated the PAB to support Magic Mail and manual registration for the Canada instance of the KMSAT platform.
05/10/2021	We've released the Gmail Add-on PAB for Google Workspace.

Chrome PAB Updates

Add-In Version Format: 0.1 x.x

Release Date	Description
11/29/2023	We've fixed a bug from a Chrome update that prevented the PAB from displaying.
05/10/2023	We've fixed a bug that caused an error message to display when users clicked the PAB icon on the Chrome toolbar, or required users to reload a Gmail tab to display the Chrome Extension PAB.
03/15/2023	The Chrome Extension PAB now supports Google Chrome Manifest v3. The manifest file will automatically update for existing users.
07/25/2022	We've improved the security of header validation. Now, the Chrome Extension PAB can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat. We've improved the response messages functionality for the Chrome Extension PAB. When emails are reported with the PAB, response messages are not displayed unless they are enabled in KMSAT. We've released the Email Forwarding feature to allow for emails to be forwarded to services, such as Proofpoint, that require that functionality. For more information, see our Phish Alert Button Product Manual.
09/15/2021	We've included a minor bug fix that reloads configuration data when a new Gmail tab is opened.
08/17/2021	We've updated the OAuth consent configuration to add "https://googleapis.com/auth/userinfo.profile". We've fixed a bug that caused the Report By field to not populate in PhishER.
12/01/2020	We've fixed a bug that caused the hover-over prompt to display when the cursor was over the Labels button.
09/09/2020	We've updated the Google Suite PAB to send a copy of the reported email as a BBC when copying both the US and EU KnowBe4 email addresses. We've updated the Google Suite PAB to support showing the full body of the original email instead of sending the original email as an attachment when an email is forwarded. We've updated the Google Suite PAB to change the source attachment name in order for the email to be targeted by PhishER.
12/10/2019	We've added the option to set the length of time that the users see the message when they report an email using the Google PAB. You can change the response duration from your Account Settings page under the Phish Alert section.
10/07/2019	We've fixed the bug that caused the loading of the PAB icon to constantly load.
09/10/2019	We've updated the Google Suite PAB to remove unwanted URLs and domains from the manifest file and to stop PAB from running when it is not configured in the domain.
09/04/2019	We've updated the Google Suite PAB to support the new dynamic confirmation and thank you message features found on the Account Settings page.

Note: Updates to the Chrome PAB are delivered automatically.

Microsoft 365 PAB Updates

Add-In Version Format: 2.0

Release Date	Description
08/02/2022	We've improved the security of header validation. Now, the PAB for Microsoft 365 can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
09/15/2020	We've fixed an issue with Centralized Deployment.
11/09/2018	We've fixed an issue with Centralized Deployment.

Note: Updates to the Microsoft 365 (formerly Office 365) PAB are delivered automatically. Your version number will not change (Version 2.0.0.0).

Exchange PAB Updates

Add-In Version Format: 1.0

Release Date	Description
08/02/2022	We've improved the security of header validation. Now, the PAB for Microsoft Exchange can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.

Note: Updates to the Exchange PAB are delivered automatically. Your version number will not change (Version 1.0.0.0).