Change Logs and Release Notes

Phish Alert Button (PAB) Change Log

Featured

Use this article to stay up-to-date with changes to the PAB. 

Note:Changes to the PAB may include new, updated, deprecated, or removed features. KnowBe4 reserves the right to terminate access to, use of, and support of features that are included as part of the Subscription Services, which is common with SaaS services as they are constantly changing and improving. This allows us to adapt to the evolving cybersecurity industry so we can provide current, high-quality services.

See the table below for a list of updates, with the latest updates displayed at the top.

Hybrid PAB Updates

Add-In Version Format: OA1.0 and OA2.0 (REST APIs), OA3.0 (Graph APIs)

Release Date Description
07/15/2024
  • We've updated the Hybrid PAB to support emails with larger attachments. When the Hybrid PAB uses REST APIs, you can now send file attachments up to 25 MB.
03/11/2024
12/19/2023
  • We've modified the way PAB handles read receipts. PAB will actively remove the read receipt flag when a user reports an email. With this flag removed, threat actors will not be informed if the email was read, nor will they know if the email address is active.
12/11/2023
  • We've updated the PAB's architecture from Vue2 with Webpack 3 to Vanilla HTML, CSS, and Javascript with Webpack 5. This update resolves Webpack security issues, removes and replaces libraries that had vulnerabilities, and improves the UI design and text. The updated UI text now supports languages that read from right to left, like Hebrew, and it improves the PAB's accessibility and ADA compliance.
06/15/2023
  • We've added an integration for the Hybrid PAB and Microsoft Defender for Office 365! When the Enable Microsoft 365 Defender Integration setting is enabled in your KSAT Account Settings, the PAB will send a copy of reported emails to Microsoft 365 Defender’s Submissions page for analysis. For more information, see our How to Integrate Microsoft Defender for Office 365 with the Phish Alert Button (PAB) article.
04/03/2023
  • We've released the Exclude original body text from reported emails feature, which allows you to send a copy of a reported email without body text. For more information, see our Phish Alert Button (PAB) Product Manual
03/14/2023
12/15/2022
11/30/2022
  • We've updated the Hybrid PAB so that when an email is sent out by the PAB, it will only have one attached EML file.
08/08/2022
  • We’ve improved the formatting of the email response message. When an email is reported, the email response message displays a simplified “NotificationDialog” URL in the pop-up window.
07/05/2022
  • We've improved the security of header validation. Now, the Hybrid PAB can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
12/16/2021
  • We've added a feature that allows your users to add comments and decide the disposition of an email. These features can be used together to give your security team a warning about suspicious emails and the types of threats the emails may pose. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
10/10/2021
  • We've released the Autofill Phishing Languages with PAB Locale feature. This feature allows the PAB to autofill your users' profiles with their preferred phishing language if that field is left blank. For more information, see our Phish Alert Button Product Manual and our Localization Guide.
09/13/2021
  • We've released an email forwarding feature, which allows emails to be forwarded to services that require email forwarding, such as Proofpoint. For more information, see our Phish Alert Button Product Manual.
09/09/2021
  • We've updated the Hybrid PAB to support the Canada KSAT URL in the manifest files. This new update does not require existing Hybrid PAB users to reinstall the PAB.
06/16/2021
  • We've improved the MAPI Properties of MSG attachments.
  • We've included bug fixes for the Forward email prefix, Send a test, and the Unicode character support for attachment filenames.
05/10/2021
  • We've released the Hybrid PAB for Microsoft 365. The Exchange server can automatically detect your users’ mail client and backend server to configure the best version of the PAB for their environment.

Microsoft Ribbon PAB Updates

Add-In Version Format: OA4.0

Release Date Description
06/13/2024
  • We’ve released the Microsoft Ribbon PAB! You can now configure KnowBe4’s PAB with Microsoft’s integrated spam-reporting add-in. The integrated PAB will appear in the Home toolbar in your users' Outlook mail client ribbon, and it will allow your users to report suspicious emails to both the Microsoft 365 Defender platform and the KSAT console. For more information, see our Microsoft Ribbon Phish Alert Button Product Manual.

Outlook PAB Updates

Add-In Version Format: 1.1.x.x - 1.4.x.x (MSI) and 1.10.x.x (EXE)

Release Date Version Description
06/13/2024 1.10.14
  • We've updated the PAB for Outlook to improve the security for automatic updates.
04/17/2024 1.10.12
  • We've released an updated version of the PAB for Outlook! We've updated a support library and improved the security for automatic updates to the PAB.
  • We've resolved an issue causing the PAB to incorrectly create EML file attachments for some reported emails.
  • We've added the ability to submit reported emails directly to Microsoft 365 Defender's Submissions page. For more information, see our Integrate Microsoft Defender for Office 365 with the Phish Alert Button (PAB) article.
12/14/2023 1.10.10
  • We’ve implemented a bug fix for how the PAB for Outlook sends attachments. When Outlook is configured to prevent emails from being stored on the disk, the PAB will attach original emails in EML files.
  • We’ve also updated the PAB to use a proxy server when one is specified during installation, and to use the current user’s proxy settings when a proxy server is not specified.
10/20/2023 1.10.8
  • We've updated the PAB for Outlook to support the integration with Microsoft Defender for Office 365! When the Enable Microsoft 365 Defender Integration setting is enabled in your KSAT Account Settings, the PAB will send a copy of reported emails to Microsoft 365 Defender’s Submissions page for analysis. For more information, see our How to Integrate Microsoft Defender for Office 365 with the Phish Alert Button (PAB) article.
  • We've also updated the PAB to support the Exclude original body text from reported emails feature, which allows you to send a copy of a reported email without body text. For more information, see our Phish Alert Button (PAB) Product Manual.
  • We’ve implemented bug fixes for how the PAB responds to automatic updates, and how the PAB sends headers in EML attachments to PhishER.
  • We've improved the installation process for the PAB so that a proxy server will successfully validate a license key. We've also improved the process for troubleshooting PAB errors.
04/18/2023 1.10.6
  • We've updated the User Comments and Disposition feature. Admins can now specify different email recipients based on the reported email's disposition. For more information, see our Phish Alert Button (PAB) Product Manual. We've also updated the .NET Framework from 4.5.1 to 4.7.2.
  • We’ve implemented a bug fix to resolve an issue causing Outlook to disconnect from Microsoft Exchange or Microsoft 365 when certain conditions are met.
12/19/2022 1.10.4
  • We've updated the PAB for Outlook to support the user comments and email disposition features. These features can be used together to give your security team a warning about suspicious emails and the types of threats the emails may pose. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
11/11/2022 1.10.2
  • We've implemented minor bug fixes and updated the PAB to support instances of KSAT.
08/22/2022 1.10.1
  • We’ve released an updated version of the PAB for Outlook, which will automatically update for existing users. We’ve reduced the size of the installer kit and reduced the length of time needed to start Outlook. We’ve also implemented a bug fix for downloading the PAB icon after it has been configured in your KSAT Account Settings.
08/02/2022 1.10.2
  • We've improved the security of header validation. Now, the PAB for Outlook can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
07/19/2022 1.10.2
03/07/2022 1.1.17 and older
08/10/2021 1.4.85
  • We've update the PAB for Outlook to allow it to communicate with the Canada instance upon installation.
  • We've updated some core libraries that were responsible for generating .eml files.
  • We've enabled a debugging option that allows the PAB for Outlook to generate multiple formats for attachment files. For more information, see our How to Enable PAB's Debug Mode article.
  • We've implemented a minor bug fix for how the PAB consumes and parses the KSAT server's responses.
04/14/2021 1.4.68
  • We've updated the PAB for Outlook to allow PAB for Outlook to be installed without network connection or using a network incapable account to install. If the PAB for Outlook is installed or uninstalled without a network connection, it will not be able to increment or decrement the installed devices count.
  • We've updated the PAB for Outlook so that when an email is sent out by the PAB, it will only have one attached EML file. The email content will no longer contain inline images.
08/24/2020 1.4.58
  • We've updated the PAB for Outlook to support Outlook 2010 and later. We have also removed the .NET4.0 requirement from our installation process. 
05/18/2020 1.4.48
  • We've updated the PAB for Outlook to include a security update.
05/18/2020 1.4.42
  • We've updated the PAB for Outlook to support the new email forwarding feature. If no forwarding email addresses are set in the PAB configurations but want copies of emails to be sent to KnowBe4, the KnowBe4 email address is used as a To - recipient.
  • We've updated the PAB for Outlook to change the source.eml file to phish_alert_sp2_2.0.0.0.eml for Microsoft 365 PAB users. We will be using this naming convention from now on, as it allows PhishER to identify PAB emails and provide better support.
  • In the installer, we've implemented minor bug fixes for the PAB icon appearing pixelated or not displaying as expected. These fixes also correct a problem during remote installation with LANDESK.
  • We've updated the EV certificate to now expire in two years.
  • We've improved the overall user experience and integration with Microsoft Outlook.
  • We've improved the PAB for Outlook to use the 64bit version of a support library when it is installed on a system running 64bit-Microsoft Outlook on 64bit Windows.
04/21/2020 N/A
  • We've implemented minor bug fixes and process improvements to support the PAB for Outlook on Windows 10 machines.
05/07/2019 1.3.98
  • We've updated the PAB for Outlook to support future PAB features.
11/09/2018 1.2.45
  • We've fixed a Hash Error message on some versions of Outlook.
10/25/2018 1.2.36
  • We've fixed an uncommon error with signature enforcement.
08/16/2018 1.2.30
  • We've fixed the issue of TLS 1.0/1.1 being disabled.
08/02/2018 1.2.29
  • We've fixed the issue of the PAB for Outlook appearing twice in the drop-down for Outlook 2010.
  • We've fixed log files for users of the PAB for Outlook. Log files will be located in C:\Users<username>\AppData\Roaming\KnowBe4\Phish Alert.
03/13/2018 1.1.17
  • We've fixed the ADX Loader - Error code: 0x80131022 error.
01/17/2018 1.1.16
  • We've fixed a Failed to parse response error and an uncommon error where the PAB is unclickable.
09/29/2017 1.1.11
  • We've fixed the issue of the Outlook Ribbon disappearing.
02/03/2017 1.1.9
  • We've updated some of the libraries we use for the PAB for Outlook to the current versions.
11/07/2016 1.1.7
  • We've included a bug fix to support scaled fonts. This is for high-resolution devices, such as the Microsoft Surface, that have font scaling. 
  • We've added support for a debug log.
10/20/2016 1.1.6
  • Now, some of the PAB DLLs have been signed so there are no more security warnings in tight security environments. 
Note:Updates to the Outlook PAB are delivered automatically, and your version number will change with the automatic updates.

Gmail Add-On PAB Updates

Add-In Version Format : GA1.x.x

Release Date Description
03/14/2023
09/21/2022
  • We've updated the Gmail Add-on PAB to support the user comments and email disposition features. These features can be used together to give your security team a warning about suspicious emails and the types of threats the emails may pose. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
07/19/2022
  • We've added support for email forwarding from the Gmail Add-on PAB.
  • We've improved the security of header validation. Now, the Gmail Add-on PAB can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
04/08/2022
09/09/2021
  • We've updated the Gmail Add-on PAB to migrate the code from using a Contacts API to People API. For more information, see Google's Contacts API Migration Guide article.
  • We've updated the PAB to support Magic Mail and manual registration for the Canada instance of the KSAT platform.
05/10/2021
  • We've released the Gmail Add-on PAB for Google Workspace.

Chrome PAB Updates

Add-In Version Format: 0.1 x.x

Release Date Description
11/29/2023
  • We've fixed a bug from a Chrome update that prevented the PAB from displaying.
05/10/2023
  • We've fixed a bug that caused an error message to display when users clicked the PAB icon on the Chrome toolbar, or required users to reload a Gmail tab to display the Chrome Extension PAB.
03/15/2023
  • The Chrome Extension PAB now supports Google Chrome Manifest v3. The manifest file will automatically update for existing users.
07/25/2022
  • We've improved the security of header validation. Now, the Chrome Extension PAB can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
  • We've improved the response messages functionality for the Chrome Extension PAB. When emails are reported with the PAB, response messages are not displayed unless they are enabled in KSAT.
  • We've released the Email Forwarding feature to allow for emails to be forwarded to services, such as Proofpoint, that require that functionality. For more information, see our Phish Alert Button Product Manual.
09/15/2021
  • We've included a minor bug fix that reloads configuration data when a new Gmail tab is opened.
08/17/2021
  • We've updated the OAuth consent configuration to add "https://googleapis.com/auth/userinfo.profile".
  • We've fixed a bug that caused the Report By field to not populate in PhishER.
12/01/2020
  • We've fixed a bug that caused the hover-over prompt to display when the cursor was over the Labels button.
09/09/2020
  • We've updated the Google Suite PAB to send a copy of the reported email as a BBC when copying both the US and EU KnowBe4 email addresses.
  • We've updated the Google Suite PAB to support showing the full body of the original email instead of sending the original email as an attachment when an email is forwarded.
  • We've updated the Google Suite PAB to change the source attachment name in order for the email to be targeted by PhishER.
12/10/2019
  • We've added the option to set the length of time that the users see the message when they report an email using the Google PAB. You can change the response duration from your Account Settings page under the Phish Alert section.
10/07/2019
  • We've fixed the bug that caused the loading of the PAB icon to constantly load.
09/10/2019
  • We've updated the Google Suite PAB to remove unwanted URLs and domains from the manifest file and to stop PAB from running when it is not configured in the domain.
09/04/2019
  • We've updated the Google Suite PAB to support the new dynamic confirmation and thank you message features found on the Account Settings page.
Note:Updates to the Chrome PAB are delivered automatically.

Microsoft 365 PAB Updates

Add-In Version Format: 2.0

Release Date Description
08/02/2022
  • We've improved the security of header validation. Now, the PAB for Microsoft 365 can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
09/15/2020
  • We've fixed an issue with Centralized Deployment.
11/09/2018
  • We've fixed an issue with Centralized Deployment.
Note:Updates to the Microsoft 365 (formerly Office 365) PAB are delivered automatically. Your version number will not change (Version 2.0.0.0).

Exchange PAB Updates

Add-In Version Format: 1.0

Release Date Description
08/02/2022
  • We've improved the security of header validation. Now, the PAB for Microsoft Exchange can use Campaign Recipient ID (CRID) validation to detect whether an email that is marked with a training header is a simulated phishing email or a legitimate threat.
Note:Updates to the Exchange PAB are delivered automatically. Your version number will not change (Version 1.0.0.0).

Can't find what you're looking for?

Contact Support