End-of-Life (EoL)

Cortex XDR Agent Addressed Issues

List of addressed issues in Cortex XDR agent 7.1 releases.
The following tables lists the issues that are addressed in Cortex XDR agent 7.1 releases.

Cortex XDR Agent 7.1.4 Addressed Issues

Feature
Description
CPATR-11858
(Windows)
Fixed an issue where the Cortex XDR agent failed to quarantine malicious files running on devices or partitions formatted in Windows FAT32.
CPATR-11491
(Mac)
Performance improvements to Cortex XDR agent scanning on Mac endpoints.
CPATR-11311
Fixed an issue where the Cortex XDR agent did not detect the existence of a macro within an Office document.
CPATR-11179
(Windows)
Fixed an issue where the Cortex XDR agent caused the Veeam backup service to halt on the endpoint.
CPATR-11143
(Windows)
Fixed an issue where the Cortex XDR agent unexpectedly halted when a NUMA virtual machine booted with CPU hot-add enabled.
CPATR-11051
(Windows)
Fixed an issue where the Cortex XDR agent did not scan folders or files with special Unicode characters in their name if the scan was initiated locally on the endpoint by the user.
CPATR-11046
(Linux)
Fixed an SELinux compatibility issue that caused high CPU consumption.
CPATR-10969
(Windows)
Fixed an issue where the Cortex XDR agent failed to collect EDR data for security alerts generated for the Japanese Excel on endpoints running a Japanese operating system, leaving the causality card in the XDR management console empty.
CPATR-10956
Fixed an issue where the Cortex XDR agent reported an incorrect scan status to Cortex XDR in case the scan failed.
CPATR-10916
(Linux)
Fixed an issue where sometimes the Cortex XDR agent did not handle correctly the Allow list for the Local privilege escalation protection module.
CPATR-10894
(Linux)
Fixed an issue where the Local privilege escalation protection module did not identify correctly process capability flags.
CPATR-10820
(Windows)
Fixed an issue where a VDI endpoint failed to register with the Microsoft Security Center if the Cortex XDR Agent tampering protection was enabled.
CPATR-10644
Enhancements to quota management on the endpoint when uploading files with Unknown verdict to Wildfire for examination.
CPATR-10622
On Linux endpoints connected to Cortex XDR through a proxy, fixed an issue where the Cortex XDR agent attempted to resolve DNS requests directly without using the proxy.
CPATR-10437
(Windows)
Fixed an issue where the Cortex XDR Disk Encryption policy could not be enforced on an endpoint if there were volumes that were not assigned a drive letter.
CPATR-10431
(Mac)
Fixed a delay in the incident creation time in Cortex XDR that occurred if the agent did not report the process start time.
CPATR-10429
(Mac)
Fixed an issue where the Cortex XDR agent uninstall password could not be validated if it included special characters.
CPATR-10426
(Windows)
Fixed an issue where the file signature data was missing on the detailed incident view.
CPATR-10382
(Windows)
Fixed an issue where the Cortex XDR Device Control policy did not take effect on the endpoint after the endpoint operating system was upgraded to a new major Microsoft Windows release.
CPATR-10292
Fixed an issue when the content was unavailable, the Cortex XDR agent reported a Protected operational status instead of Unprotected.
CPATR-9715
Fixed an issue where the Cortex XDR agent failed to collect persistent databases if it generated the Technical Support File (TSF) while the agent was running.
CPATR-9643
Fixed a race condition that occurred when restoring a file from quarantine, causing the action to halt on the endpoint.
CPATR-9622
(Linux)
Fixed
libnss
compatibility issues.
CPATR-8552
Fixed an issue where the Cortex XDR prevention files exceeded the allocated endpoint disk quota.

Cortex XDR Agent 7.1.3 Addressed Issues

Feature
Description
CPATR-10255
(Windows)
Fixed an issue where the Cortex XDR agent did not save the Microsoft Windows BitLocker key to the Active Directory when enforcing disk encryption policy on the endpoint.

Cortex XDR Agent 7.1.2 Addressed Issues

Feature
Description
CPATR-10449
(Linux)
Fixed an issue of inconsistent PMD crashes that occurred on Linux endpoints after upgrading the Cortex XDR agent 6.1.0 release to 7.1.0 or 7.1.1. releases.
CPATR-10309
Fixed an issue of high disk space usage.
CPATR-10200
(Mac)
Fixed an issue where the Cortex XDR agent console wrongly displayed the Protection Status as Disabled on the endpoint.
CPATR-10185
(Windows)
Fixed an issue on VDI endpoints with slow CPU, where sometimes the Cortex XDR agent failed to register with the Cortex XDR server due to a delayed registration flow.
CPATR-10167
(Linux)
Fixed an issue that occurred when using Cytool on Linux endpoints running Cortex XDR agent 7.1 release or later, where if the
https_proxy
environment variable set on the endpoint, Cytool attempted to process it instead of ignoring it.
CPATR-10140
(Windows)
Fixed a compatibility issue where Office files could disappear or network shared could become invisible if Windows Access-Based Enumeration (ABE) was enabled for the file server.
CPATR-10025
(Windows)
Fixed an issue where you could not install the Cortex XDR agent on a Windows endpoint with a third party winsock provider, such as PGP desktop.
CPATR-9972
Fixed an issue where the Cortex XDR agent failed to connect to the server using an invalid ID even with the
Cytool reconnect force
command.
CPATR-9871
Addressed security issues.
CPATR-9760
Fixed an issue on endpoints where Behavioral threat protection was disabled, that security policy recalculation was triggered even if there were no policy updates.
CPATR-9718
(Mac)
Fixed a performance issue that occurred on Mac endpoints running heavy script loads.
CPATR-9712
Enhanced the agent log to include more details when an agent fails to download new content as a result of bandwidth management issues.

Cortex XDR Agent 7.1.1 Addressed Issues

Feature
Description
CPATR-9803
In an environment where the Cortex XDR agent is connected to the Cortex XDR management console through a proxy, fixed an issue where the agent failed to register after upgrading to Cortex XDR 7.1 release due to incorrect timeout settings.
CPATR-9762
Fixed an issue of high CPU on Windows endpoints.
CPATR-9699
Fixed an issue where the Cortex XDR agent failed to start on a VDI instance if the hardware ID was the same as in the Golden Image.
CPATR-9621
Fixed an issue where the Cortex XDR agent did not report device control violations for a USB device if the device serial number ended with one or more null characters.
CPATR-9584
Fixed an issue where the agent did not recalculate the policy after restarting the endpoint, if the Cortex XDR agent was disconnected.
CPATR-9583
Fixed an issue where the Cortex XDR agent did not receive a request to shut down gracefully when the operating system was rebooted or shut down.
CPATR-9560
On Mac endpoints running macOS 10.15.4, the
Protection Status
in the agent console now indicates the status of both Malware and Exploit modules on the endpoint.
CPATR-9557
Fixed an issue that occurred during the installation of a Cortex XDR 7.1 on an endpoint running macOS 10.15.4, where the popup to allow full disk access included a link to the incorret Cortex XDR agent admin guide release.
CPATR-9491
Fixed an issue where the endpoint suddenly halted as a result of a race condition in cyvrlpc.sys.
CPATR-9415
Fixed an issue where Support files generation failed on an encrypted Windows endpoint.
CPATR-9303
Fixed an issue where the Cortex XDR agent failed to collect log files when executing the
Cytool log collect
command from a
LocalSystem
account.

Cortex XDR Agent 7.1 Addressed Issues

There are no addressed issue in this release.

Recommended For You