Addressed Issues in Cortex XDR Agent 7.6

Addressed issues in Cortex XDR agent 7.6 release for Windows, macOS, and Linux.

Addressed Issues in Cortex XDR Agent 7.6.2-hotfix

The following has been addressed in this release:
Feature
Description
CPATR-16539
Fixed an issue addressing vulnerability CVE-2022-0778

Addressed Issues in Cortex XDR Agent 7.6.2

The following has been addressed in this release:
Feature
Description
CPATR-15591
Fixed an issue where the agent TMP folder fills up.
CPATR-15041
(
MacOS
)
Fixed an issue where uninstall of MacOS agent can fail due to the database structure.
CPATR-15752
(
MacOS
)
Fixed an issue where setting the malware profile to block on MacOS may cause instability on the machine.
CPATR-15613
(
MacOS
)
Fixed an issue where the Host Firewall on MacOs machines may halt agent communication.
CPATR-15591
(
Linux
)
Fixed an issue where the payload executer unexpectedly reports dual errors for the same execution resulting in incorrect handling of the original error message.
CPATR-15041
(
MacOS
)
Fixed an issue where uninstall of MacOS agent can fail due to the database structure.

Addressed Issues in Cortex XDR Agent 7.6.1

The following has been addressed in this release:
Feature
Description
CPATR-15441
Fixed an issue where the agent is using a large amount of disk space.
CPATR-15310
(
Windows
)
Fixed an issue where the agent fails to first query the hardware ID.
CPATR-15300
(
Linux
)
Fixed an issue with log file folder permissions.
CPATR-14698
Fixed an issue Search Collection searches run multiple times.
CPATR-15445
(
Windows
)
Fixed an issue where an Azure virtual desktop is detected as Endpoint Type: Server.
CPATR-15041
(
MacOS
)
Fixed an issue where in some cases cannot uninstall MacOS agents.
CPATR-15207
(
MacOS
)
Fixed an issue where when adding an IP address range to the Host Firewall configuration, the IP address is not included in the range.
CPATR-15211
(
Linux
)
Fixed an issue where when upgrading the agent, the agent does not send audit logs.
CPATR-15300
(
Linux
)
Fixed an issue with
log file
folder permissions.
CPATR-15407
(
Linux
)
Fixed an issue with validation of Distribution ID registration.
CPATR-15310
(
Windows
)
Fixed an issue where the agent fails to first query the hardware ID.
CPATR-15252
(
Windows
)
Fixed an issue where when querying HWID changes, NULL value is ignored.
CPATR-15228
Fixed an issue where agent crashes when deleting by hash more than the maximum configured number of file.
CPATR-15441
(
Windows
)
Fixed an issue where the agent is using a large amount of disk space.
CPATR-15300
(
Linux
)
Fixed an issue with
log file
folder permissions.

Addressed Issues in Cortex XDR Agent 7.6

The following has been addressed in this release:
Feature
Description
CPATR-14804
(
Windows
)
Fixed an issue where external USB drives scans are inconsistent with scan configuration.
CPATR-14801
Fixed an issue where updated WildFire verdict is not stored on the agent.
CPATR-14790
(
MacOS
)
Fixed an issue where local analysis module preventions are reported with the wrong Incident ID on macOS Catalina impacting incident generation.
CPATR-14788
Fixed an issue where agent proxy settings are incorrectly stored causing endpoints to become disconnected.
CPATR-15252
(
Windows
),
CPATR-14737
Fixed an issue where querying for hardware ID changes on an endpoint, NULL values are ignored.
CPATR-14729
(
Windows
)
Fixed an issue where some processes may crash while the DLL Security module is enabled.
CPATR-14726
Fixed an issue where a malware scan does not show the correct status when performing a reset.
CPATR-14717
Fixed an issue where the IP allow list may not always be applied correctly.
CPATR-14678
Fixed an issue where an agent might fail to cancel a scan if it has reached a time-out while the agent was not running (stopped).
CPATR-14647
Fixed an issue where there was no message of successful upgrade to the current agent version.
CPATR-14950
Fixed an issue where wildfire updates after an upgrade may cause a scan to halt.
CPATR-15048
Fixed an issue where a prevention alert displays as Detected instead of Blocked.
CPATR-15058
Fixed an issue where policy recalculation is triggered incorrectly.
CPATR-14737
Fixed an issue where querying for hardware ID changes on an endpoint, NULL values are ignored.
XDRSUP-7193
Fixed an issue where when installing an agent on Windows endpoint causes shell related issues.

Addressed Issues in Cortex XDR Agent 7.6.0-hotfix

The following has been addressed in this release:
Feature
Description
CPATR-14585
(
Windows
)
Fixed an issue on Windows endpoints where cloned processes could cause the endpoint to halt.The cloning mechanism is most common in Unix-based applications running the fork command, which is implemented by the Windows kernel cloning mechanism. However, in some cases, this issue could reproduce without Unix-based applications.

Recommended For You