Cortex XDR Agent Addressed Issues
List of addressed issues in Cortex XDR agent 7.0 releases.
The following tables lists the issues that are addressed in Cortex XDR agent 7.0 releases.
XDR Agent 7.0.3 Addressed Issues
In an environment where the Cortex XDR agent is connected to the Cortex XDR management console through a proxy, fixed an issue where the agent failed to register after upgrading to Cortex XDR 7.1 release due to incorrect timeout settings.
Fixed an issue where the Cortex XDR agent failed to connect to the server using an invalid ID even with the
Cytool reconnect forcecommand.
Addressed security issues.
Fixed an issue on endpoints where Behavioral threat protection (BTP) was disabled, that security policy recalculation was triggered even if there were no policy updates.
Fixed a performance issue that occurred on Mac endpoints running heavy script loads.
Enhanced the agent log to include more details when an agent fails to download new content as a result of bandwidth management issues.
Fixed an issue where the Cortex XDR agent did not report device control violations for a USB device if the device serial number ended with one or more null characters.
Fixed an issue where the Cortex XDR agent failed to collect log files when executing the
Cytool log collectcommand from a account.
Fixed an issue where the agent reported an empty status to Cortex XDR if the status reporting occurred immediately after agent startup on the endpoint.
Cortex XDR Agent 7.0.2 Addressed Issues
Fixed an issue where the Cortex XDR agent installation failed on Linux endpoints with LD_PRELOAD libraries, which contain paths to shared libraries or objects.
Fixed a high CPU issue that occurred when the Cortex XDR agent running on VDI sessions performed redundant agent database cleanups.
Fixed an issue where the Cortex XDR agent failed to connect to Cortex XDR using GRPC (remote procedure call) and Cytool commands failed if the HTTP_PROXY environment variable was configured on the endpoint.
Fixed an issue where plugging in a USB device with certain string descriptors on a Windows endpoint where the Cortex XDR agent enforces device control rules caused the endpoint to halt.
Fixed a race condition between the Cortex XDR agent injector and certain processes running on the endpoint which could cause the processes to hang during startup.
Fixed an issue where multiple requests to get verdicts from WildFire would hang if the activity mode of the proxy used to communicate with the Cortex XDR agent was changed.
Fixed compatibility issues with the scanning of CSVFS volumes.
Fixed an issue where the Cortex XDR agent failed to connect to Cortex XDR through WinHttp Proxy.
Removing unnecessary error messages from the log files.
Fixed an issue where the Ransomware Protection module accessed certain file objects from invalid execution contexts, causing processes running on the endpoint to halt or consume high CPU.
Fixed a race condition between the Cortex XDR agent injector and certain Syslog and DL processes running on the endpoint which could cause the processes to hang during startup.
Extended the Cytool log collect timeout from two minutes to ten minutes to support the collection of large log files.
Fixed an issue where the content update failed on the endpoint due to network issues, and the agent policy was being updated even though the content update did not contain policy updates.
Cortex XDR Agent 7.0.1-h1 Addressed Issues
Cortex XDR Agent 7.0.1 Addressed Issues
Fixed an issue where Live Terminal failed to start on Linux endpoints after upgrading Traps agent 6.1.4 release to Cortex XDR agent 7.0.
For all Windows 10 endpoints Palo Alto Networks strongly recommends that you upgrade to the latest Windows Update that has a fix for vulnerability CVE-2020-0601.
To prevent license leakage, now Cortex XDR will prevent the re-registration of a Golden image instance until a user logs on.
Addressed security issues.
Fixed an issue where the SCCM advertisement failed the Cortex XDR agent installation on the endpoint.
Now when a new VDI session starts, the endpoint uses the original Golden Image policy until the Cortex XDR agent retrieves the new policy from the Cortex XDR server. This may take up to 10 minutes.
Fixed an issue where the security module was set to notify, however security_events.db reported the process as failed to terminate (
Target process termination: Yes (Failed)).
Now when the agent settings profile on the endpoint is set to hide the Cortex XDR agent tray icon on the endpoint, the icon will be hidden already when the user logs on or reboots the machine, and not only after the first agent heartbeat.
Fixed an issue where the endpoint could halt suddenly after a fresh installation or upgrade of the Cortex XDR agent software when Hypervisor Code Integrity (HVCI) is enabled on Windows 10, Windows Server 2016, or Windows Server 2019.
Fixed an issue where the VDI instance created from a Golden image that included proxy configuration did not receive the proxy configuration.
Fixed an issue on Linux endpoints related to exploit protection modules and Traps services where the ProcessManager could not manage the data rate and dropped netlink sockets and events on load spikes.
Fixed an issue that occurred after a malware scan completed where Traps reported duplicate scan completion events to Traps management service.
Fixed an issue where you could not restore a quarantined file to a custom location using Cytool on a Mac endpoint running macOS10.15.
Cortex XDR Agent 7.0.0-h1 Addressed Issues
Fixed an issue that occurred when Hypervisor Code Integrity (HVCI) was enabled on Windows 10, Windows Server 2016, or Windows Server 2019, where the endpoint could halt suddenly after a fresh installation or upgrade of the Cortex XDR agent software.
Cortex XDR Agent 7.0 Addressed Issues
There are no addressed issues in this version.
Recommended For You
Recommended videos not found.