Cortex XDR Agent Known Issues
See the list of the known issues in Cortex XDR agent 7.4.
The following table describes known issues in the Cortex XDR agent 7.4.X releases.
*This issue is resolved with content update 192 and later
The 7.4.1 agent can sometimes cause an infinite loop in a kernel driver.
When you attempt to upgrade a Cortex XDR agent 7.2.0 to a later release from the Cortex XDR management console using an rpm installer, the upgrade action remains stuck In Progress and the agent upgrade fails due to a GPG signature check.
Manual workaround: Disable the GPG signature check for the Cortex XDR agent installer by adding the
--nogpgcheckparameter to the yum installation command line.
Mac, Cortex XDR agent 7.1.2 and later running macOS 11.3)
Following the changes Apple introduced in macOS 11.3 for MDMs, when you remove an MDM configuration profile that includes permissions for system extensions (for Cortex XDR agents or Global Protect), the system extensions will be instantly unloaded from all endpoints. As a result, the Cortex XDR protection status will be disabled.
Suggested workaround: Restart the extensions or restart the Cortex XDR agent.
When you make configuration changes that require you to remove an installed configuration profile, ensure that you remove the existing profile before you install the new profile. Otherwise, the new profile might not take effect on the endpoint even though it is installed.
After you deploy the new MDM configuration profile, you must restart either the endpoint or the Cortex XDR agent in one of the following methods:
Additionally, you can use your MDM to run these scripts on endpoints where the Cortex XDR agent was disabled as a result of this issue.
Refer to the Cortex XDR Agent Administrator’s Guide on installation via MDM for more information.
*This issue is resolved with content update 183-59522 and later
The following functionalities are not supported on new Apple Silicon (M1) Mac endpoints without Rosetta 2, running Cortex XDR agents 7.4:
Suggested workaround: Install Rosetta 2.
Rosetta 2 is not pre-installed on new Apple Silicon (M1) Mac endpoints running macOS 11.X. Proceed to install it in one of the following methods:
On Apple Silicon (M1) Mac endpoints running Cortex XDR agents, if you attempt to restart the agent by running
./cytool runtime restart allit could cause unexpected behavior which could disable the Cortex XDR agent.
To restart the agent, run these commands instead—
./cytool runtime stop all
./cytool runtime start all
(Cortex XDR agent uninstall password is required)
Recommended For You
Recommended videos not found.