Addressed issues in Cortex XDR agent 7.5 CE release for Windows, macOS, and Linux.
Addressed Issues in Cortex XDR Agent 7.5.102-CE
The following has been addressed in this release:
Feature | Description |
|---|---|
CPATR-17600 | Fixed an issue to optimize time update functions to reduce resource impact. |
CPATR‑17609 (Windows) | Fixed an issue where an operating system bug may lead to an agent process (cysever) halt during a file version information extraction. |
CPATR‑17802 (Windows) | Fixed an issue on endpoints using Windows 8.1 and earlier, which resulted in Windows Explorer crashing. |
CPATR‑17886 (Linux) | Fixed an issue where Cortex XDR agent sometimes caused a deadlock in the java application during native library load. |
CPATR-17984 (Linux) | Fixed an issue where in some cases in Kubernetes environments, the agent does not clear all required disk space. |
CPATR-18100 | Fixed an issue with the 'cytool import content' command which caused the command to fail. |
CPATR-18332 | Fixed an issue of redundant Check-In operation during VDI session registration. |
CPATR-18573 | Fixed an issue where in some cases upon file deletion, Cortex XDR Agent service (cyserver) crashes. |
CPATR-18580 (Windows) | Fixed an issue that occurred when virtual USB Devices were removed. |
CPATR-18628 (Linux) | Fixed an issue of a potential deadlock occurring during MMAP hook. |
CPATR-18754 | Fixed an issue where the agent console may become unavailable due to a file load conflict. |
Addressed Issues in Cortex XDR Agent 7.5.101
The following has been addressed in this release:
Feature | Description |
|---|---|
CPATR-17277 (Linux) | Fixed an issue where upgrades are not successful, or some services don't start correctly because old files could not be removed. |
CPATR-17192 (Linux) | Fixed an issue with the dynamic protection service that results in partial protection of an affected endpoint. |
CPATR-16886 CPATR-17161 (Linux) | Fixed an issue where a race condition prevents Cortex XDR Process Monitor Daemon from accessing data collected by the agent. |
CPATR-16842 | Fixed an issue while working with a support exception that disables injection, any restart to pmd results in a reboot loop. |
CPATR-16785 | Fixed an issue where upgrades are not successful or some services don't start correctly because old files could not be removed. |
CPATR-16767 (macOS) | Fixed an issue on macOS Monterey-based systems, where the path for a loaded DMG could not be resolved. |
CPATR-16530 | Fixed an issue with the dynamic protection service that results in partial protection of an affected endpoint. |
CPATR-16387 (Windows) | Fixed an issue where on rare occasions, the XDR agent does not work as expected after an upgrade or restart. |
CPATR-15801 (Linux) | Fixed an installation issue on systems running RHEL 8 with FIPS mode enabled. |
CPATR-14074 | Fixed an issue with injections causing issues in Java |
Addressed Issues in Cortex XDR Agent 7.5.100
The following has been addressed in this release:
Feature | Description |
|---|---|
CPATR-16539 | Fixed an issue addressing vulnerability CVE-2022-0778 |
CPATR-16387 (Windows) | Fixed an issue where agents become unresponsive following an upgrade. |
CPATR-15441 | Fixed an issue where the agent is using a large amount of disk space. |
CPATR-15041 (MacOS) | Fixed an issue where uninstall of macOS agent can fail due to the database structure. |
CPATR-14804 (Windows) | Fixed an issue where external USB drives scans are inconsistent with scan configuration. |
CPATR-14790 (MacOS) | Fixed an issue where local analysis module preventions are reported with the wrong Incident ID on macOS Catalina impacting incident generation. |
CPATR-14788 | Fixed an issue where agent proxy settings are incorrectly stored causing endpoints to become disconnected. |
CPATR-15252 (Windows), CPATR-14737 | Fixed an issue where querying for hardware ID changes on an endpoint, NULL values are ignored. |
CPATR-14729(Windows) | Fixed an issue where some processes may crash while the DLL Security module is enabled. |
CPATR-14717 | Fixed an issue where the IP allow list may not always be applied correctly. |
CPATR-15228 | Fixed an issue where agent crashes when deleting by hash more than the maximum configured number of file. |
CPATR-15252(Windows) | Fixed an issue where when querying HWID changes, NULL value is ignored. |
CPATR-15252 | Fixed an issue where an external USB drive is sometimes recognized as a fixed drive. |
CPATR-14737 | Fixed an issue where querying for hardware ID changes on an endpoint, NULL values are ignored. |
CPATR-15228 | Fixed an issue where hash deletion on a large number of files may cause the agent to halt. |
CPATR-15058 | Fixed an issue where policy recalculation is triggered incorrectly. |
CPATR-15048 | Fixed an issue where a prevention alert displays as Detected instead of Blocked. |
CPATR-14950 | Fixed an issue where wildfire updates after an upgrade may cause a scan to halt. |
CPATR-14804 (Windows) | Fixed an issue where external USB drives scans are inconsistent with scan configuration. |
CPATR-14790 (MacOS) | Fixed an issue where local analysis module preventions are reported with the wrong Incident ID on macOS Catalina impacting incident generation. |
CPATR-14788 | Fixed an issue where agent proxy settings may reset causing endpoints to become disconnected. |
CPATR-14729 (Windows) | Fixed an issue where processes might crash while being enabled by DLL Security module. |
CPATR-14717 | Fixed an issue where a blocked IP allow list may not always be applied correctly. |