MetaDefender Drive v4.4.6



Released on Jun 18, 2026

This release includes new features, improvements, bug fixes

New Features

  • Windows Forensics Data Collection: MetaDefender Drive collects Windows forensic artifacts during a scan, providing crucial information to aid SOC and security investigations. For how-to, visit the new documentation here Collect Forensic Windows Artifacts with MetaDefender Drive

  • Show Drive and Scanned Device in Reports : Scan reports now include scanned machine and storage drive serial numbers, providing traceability for audit and compliance tracking.

  • Email In-Session scan report via Kiosk: In-Session scan reports will be sent in emails via Kiosk when a Drive is plugged in.

  • Indicator for My OPSWAT Managed: Adds a visual indicator to show which settings are managed by My OPSWAT, helping administrators quickly identify locked/centrally-controlled configurations.

  • New unsafe indicators: Improved risk visibility and user awareness of unsafe devices in scan reports

Improvements and Bug Fixes



  • Refines elapsed time moving smoothly the user interface

  • Resolves incorrect engine status indicator in MetaDefender Drive user interface, ensuring accurate color-coded visibility of engine readiness for customer

  • Single view for Engine Initializing: removed scrollbar and handle so all engines show on screen at once, engines not ready are at top

  • Removes misleading "0 out of 8" report data to cut false-positive escalations and strengthen user confidence.

  • Fix message for invalid certificate in Central Management

  • Users can enroll MetaDefender Drive without knowing the exact OCM URL path

  • Operators now see a clear cancellation reason directly in the scan report (txt/PDF/JSON), eliminating confusion between a failed scan and a completed scan with skipped files.

  • After flashing via Drive Toolkit, the custom Central Management certificate chain is now preserved — so enterprise customers using a private CA no longer have to manually re-accept untrusted certificates on every re-flash.

  • Scans that previously hung indefinitely (14+ hours) on certain PDF/archive files now complete reliably, eliminating forced reboots and giving operators full confidence that a scan will always finish.

  • Laptops in BitLocker "waiting for activation" state (partially encrypted, key still exposed) are now automatically decrypted and scanned by MetaDefender Drive

  • In-Session scans that previously completed with thousands of "Not Scanned" files and engine errors now finish with accurate, reliable results

  • The Deployment Toolkit can now be run directly on a Kiosk machine without conflicts

  • Improve message for Central Management Server with a clear, actionable dialog with the certificate's name, issuer, and fingerprint