End-of-Life (EoL)

Addressed Issues in Cortex XDR Agent 7.6

Addressed issues in Cortex XDR agent 7.6 release for Windows, macOS, and Linux.

Addressed Issues in Cortex XDR Agent 7.6.3-hotfix

The following has been addressed in this release:
Feature
Description
CPATR-17371
(
Windows
)
Fixed an issue with support file collection.

Addressed Issues in Cortex XDR Agent 7.6.3

The following have been addressed in this release:
Feature
Description
CPATR-16290
(
MacOS
)
Fixed an issue for the Kernel Privilege Escalation module, which may have false positives.
CPATR-16767
(
MacOS
)
Fixed an issue where the DMG path isn’t resolved on macOS Monterey.
CPATR-16886
(
Linux
)
Fixed an issue where a race condition prevents Cortex XDR Process Monitor Daemon from accessing data collected by the agent.
CPATR-16755
(
Linux
)
Fixed an issue where updating is not possible if initialization failed.
CPATR-16387
(
Windows
)
Fixed an issue where there is a race condition preventing the agent driver from unloading.
CPATR-16377
(
Linux
)
Fixed an issue where working with an external name resolution service may result in the service crashing.
CPATR-16354
Fixed an issue where the agent is shown as disabled on the firewall providers list in WSC.
CPATR-16300
Fixed an issue where support exception expiration is not working as expected.
CPATR-16106
Fixed an issue where agent restart prevents the new payload version from updating.
CPATR-15771
Fixed an issue where a delay in accessing a file may be caused due to a misconfigured verdict.
CPATR-15545
Fixed an issue where the agent does not detect that a scan was running before it was restarted.
CPATR-14814
Fixed an issue where non-UTF-8 characters cause the hash verdict to be stored incorrectly.
CPATR-16865
Fixed an issue where a change in OS on an endpoint is not updated in the All Endpoints table.
CPATR-16785
Fixed an issue where upgrades are not successful or some services don't start correctly because old files could not be removed.
CPATR-15156
Fixed an issue where performing a File Search action on an EDR-supported file type without destroying the file, results in a no file_results report being sent to the server and the action is stuck on In Progress.
CPATR-16842
Fixed an issue while working with a support exception that disables injection. Any restart to pmd results in a reboot loop.

Addressed Issues in Cortex XDR Agent 7.6.2-hotfix

The following has been addressed in this release:
Feature
Description
CPATR-16539
Fixed an issue addressing vulnerability CVE-2022-0778
Affected versions: < 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux

Addressed Issues in Cortex XDR Agent 7.6.2

The following have been addressed in this release:
Feature
Description
CPATR-15591
Fixed an issue where the agent TMP folder fills up.
CPATR-15041
(
MacOS
)
Fixed an issue where uninstall of MacOS agent can fail due to the database structure.
CPATR-15752
(
MacOS
)
Fixed an issue where setting the malware profile to block on MacOS may cause instability on the machine.
CPATR-15613
(
MacOS
)
Fixed an issue where the Host Firewall on MacOs machines may halt agent communication.
CPATR-15591
(
Linux
)
Fixed an issue where the payload executer unexpectedly reports dual errors for the same execution resulting in incorrect handling of the original error message.
CPATR-15041
(
MacOS
)
Fixed an issue where uninstall of MacOS agent can fail due to the database structure.

Addressed Issues in Cortex XDR Agent 7.6.1

The following have been addressed in this release:
Feature
Description
CPATR-15441
Fixed an issue where the agent is using a large amount of disk space.
CPATR-15310
(
Windows
)
Fixed an issue where the agent fails to first query the hardware ID.
CPATR-15300
(
Linux
)
Fixed an issue with log file folder permissions.
CPATR-14698
Fixed an issue Search Collection searches run multiple times.
CPATR-15445
(
Windows
)
Fixed an issue where an Azure virtual desktop is detected as Endpoint Type: Server.
CPATR-15041
(
MacOS
)
Fixed an issue where in some cases cannot uninstall MacOS agents.
CPATR-15207
(
MacOS
)
Fixed an issue where when adding an IP address range to the Host Firewall configuration, the IP address is not included in the range.
CPATR-15211
(
Linux
)
Fixed an issue where when upgrading the agent, the agent does not send audit logs.
CPATR-15300
(
Linux
)
Fixed an issue with
log file
folder permissions.
CPATR-15407
(
Linux
)
Fixed an issue with validation of Distribution ID registration.
CPATR-15310
(
Windows
)
Fixed an issue where the agent fails to first query the hardware ID.
CPATR-15252
(
Windows
)
Fixed an issue where when querying HWID changes, NULL value is ignored.
CPATR-15228
Fixed an issue where agent crashes when deleting by hash more than the maximum configured number of file.
CPATR-15441
(
Windows
)
Fixed an issue where the agent is using a large amount of disk space.
CPATR-15300
(
Linux
)
Fixed an issue with
log file
folder permissions.

Addressed Issues in Cortex XDR Agent 7.6

The following have been addressed in this release:
Feature
Description
CPATR-14804
(
Windows
)
Fixed an issue where external USB drives scans are inconsistent with scan configuration.
CPATR-14801
Fixed an issue where updated WildFire verdict is not stored on the agent.
CPATR-14790
(
MacOS
)
Fixed an issue where local analysis module preventions are reported with the wrong Incident ID on macOS Catalina impacting incident generation.
CPATR-14788
Fixed an issue where agent proxy settings are incorrectly stored causing endpoints to become disconnected.
CPATR-15252
(
Windows
),
CPATR-14737
Fixed an issue where querying for hardware ID changes on an endpoint, NULL values are ignored.
CPATR-14729
(
Windows
)
Fixed an issue where some processes may crash while the DLL Security module is enabled.
CPATR-14726
Fixed an issue where a malware scan does not show the correct status when performing a reset.
CPATR-14717
Fixed an issue where the IP allow list may not always be applied correctly.
CPATR-14678
Fixed an issue where an agent might fail to cancel a scan if it has reached a time-out while the agent was not running (stopped).
CPATR-14647
Fixed an issue where there was no message of successful upgrade to the current agent version.
CPATR-14950
Fixed an issue where wildfire updates after an upgrade may cause a scan to halt.
CPATR-15048
Fixed an issue where a prevention alert displays as Detected instead of Blocked.
CPATR-15058
Fixed an issue where policy recalculation is triggered incorrectly.
CPATR-14737
Fixed an issue where querying for hardware ID changes on an endpoint, NULL values are ignored.
XDRSUP-7193
Fixed an issue where when installing an agent on Windows endpoint causes shell related issues.

Addressed Issues in Cortex XDR Agent 7.6.0-hotfix

The following has been addressed in this release:
Feature
Description
CPATR-14585
(
Windows
)
Fixed an issue on Windows endpoints where cloned processes could cause the endpoint to halt.The cloning mechanism is most common in Unix-based applications running the fork command, which is implemented by the Windows kernel cloning mechanism. However, in some cases, this issue could reproduce without Unix-based applications.

Recommended For You