Addressed Issues in Cortex® XDR™ Agent 7.4

Addressed issues in Cortex XDR agent 7.4 release for Windows, macOS, and Linux.

Addressed Issues in Cortex XDR Agent 7.4.2

There are no addressed issues in this release.

Addressed Issues in Cortex XDR Agent 7.4.1

The following table details addressed issues in Cortex XDR agent 7.4.1.
Issue ID
Description
CPATR-14107
(
Windows
)
Palo Alto Networks strongly recommends that you upgrade your operating system as soon as possible and follow Microsoft Security Advisory statement regarding vulnerabilities CVE-2021-1675 and CVE-2021-34527.
For Cortex XDR agents running on unpatched Windows endpoints, the Behavioral Threat Protection (BTP) module will detect and terminate the malicious attack when there is an attempt to exploit CVE-2021-1675 and CVE-2021-34527. On non-vulnerable endpoints, Cortex XDR will report the malicious attack.
CPATR-14014
Fixed an issue where updating the verdict of a file to Benign with Low Confidence for the second time failed.
CPATR-14005
(
Windows
)
Fixed an issue where renaming the Content library failed on endpoints integrated with Citrix AppLayering.
CPATR-13951
(
Windows
)
Fixed an issue where recursive filesystem calls could cause the endpoint to halt.
CPATR-13898
(
Windows
)
Fixed an issue on endpoints with 3rd party solutions using a proprietary file system, where the endpoint could suddenly halt.
CPATR-13855
Fixed an issue where after upgrading the Cortex XDR agent to the 7.4.0 release, the scan of a hash with a Benign verdict could timeout.
CPATR-13851
Fixed an issue where after you added an unknown hash to the Cortex XDR Allow List, if later WildFire returned a Malware verdict, then post detection alerts were generated.
CPATR-13850
Fixed an issue where if the first attempt to upgrade a Cortex XDR agent 7.4.0.X to a newer release failed, then all subsequent upgrade attempts failed as well.
CPATR-13789
(
Windows
)
Fixed a compatibility issue with the ROP Mitigation module running on 64-bit architecture.
CPATR-13750
(
Windows
)
Fixed an issue on Windows file servers 2012, where after upgrading the Cortex XDR agent to the 7.4.0 release, the endpoint could reboot on rare occasions.
CPATR-13739
(
Linux
)
Fixed an issue where the Cytool process failed, if other processes on the endpoint were executed with certain command lines.
CPATR-13558
(
Linux
)
Optimized the Anti-Malware flow to reduce the number of actions performed by the Cortex XDR agent when scanning containerized applications, leading to lower latency and CPU usage.
CPATR-13542
(
Windows
)
Fixed an issue where in rare cases, the Cortex XDR agent startup delayed the endpoint startup, leaving the endpoint partially protected during this time.
CPATR-13126
(
Linux
)
Fixed an issue where IBM WebsShere failed to start after the Cortex XDR agent on the endpoint was upgraded to 7.3.0 or a later release.
CPATR-12448
(
Windows
)
Fixed an issue where upgrading the Cortex XDR agent to a newer release failed if during the upgrade process, a 3rd party running on the endpoint was holding a handle to the agent service. For the fix to take effect, the upgrade must be performed from a fixed Cortex XDR agent 7.4.1 release or later.

Addressed Issues in Cortex XDR Agent 7.4

There are no addressed issues in this release.

Recommended For You