Traps Agent Addressed Issues
List of addressed issues in Traps agent 5.0 releases.
The following tables lists the issues that are addressed in Traps agent 5.0 releases.
- Traps Agent 5.0.7 Addressed Issues
- Traps Agent 5.0.6 Addressed Issues
- Traps Agent 5.0.5 Addressed Issues
- Traps Agent 5.0.4 Addressed Issues
- Traps Agent 5.0.3-h1 Addressed Issues
- Traps Agent 5.0.3 Addressed Issues
- Traps Agent 5.0.2 Addressed Issues
- Traps Agent 5.0.1 Addressed Issues
- Traps Agent 5.0.0 Addressed Issues
Traps Agent 5.0.7 Addressed Issues
|CPA-6123||Fixed an issue on Windows 10 endpoints that had AuditMicrosoftSignedOnly mitigation enabled where Traps injection caused services that have a load timeout (such as svchost.exe) to halt abruptly.|
|CPA-6084||Fixed an issue on Windows endpoints where an endpoint scan could not complete due to a corrupted Object Linking and Embedding (OLE) file.|
|CPA-6015||Fixed an issue with error handling on Windows endpoints where, in rare cases, Traps changed the Last Error value.|
|CPA-5985||Fixed an issue on Windows 8 and Windows Server 2012 and later endpoints where if you used Offloaded Data Transfers (ODX), you experienced slowness copying and moving files between Intelligent Storage Arrays (ISAs). Now, you can copy and move files without experiencing any degradation in performance.|
|CPA-5933||When you use a GPO to deploy Traps on Windows endpoints, assigning the policy to Active Directory users (instead of computers) causes subsequent attempts to uninstall or upgrade the Traps agents to fail. To ensure upgrades and uninstalls succeed, verify that the GPO command line does not include the ALLUSERS parameter (with any values).|
|CPA-5816||Fixed an issue which caused high CPU utilization on Windows endpoints due to gRPC.|
|CPA-5733||Fixed an issue where the Traps management service sent updates to Traps agents without the distribution ID, causing the agents to become disconnected.|
|CPA-5161||Fixed an issue where TLAService—which is primarily responsible for the Traps local analysis module—failed to initialize when the system account specified in the %TMP% environment variable was not reachable.|
|CPA-4725||Fixed an issue where periodic scanning caused the file streaming mechanisms of Microsoft OneDrive and Google Drive to sync locally, which resulted in high local disk space consumption for files that should have been stored in the cloud.|
|CPA-4724||Fixed an issue where some Traps EPMs raised a security event for processes that were whitelisted instead of allowing them to run.|
|CPA-3358||Fixed an issue on Windows endpoints, where the Traps management service prevented the completion of Microsoft Office application crash recovery.|
Traps Agent 5.0.6 Addressed Issues
|CPA-4937||Fixed an issue with error handling where multiple attempts to load Traps DLLs caused failures during the process initialization flow which resulted in a prevention or halted a Traps process.|
|CPA-4904||Fixed an issue that occurred when Symantec Endpoint Protection was installed in parallel with Traps where the lsass.exe process halted suddenly and caused the endpoint to enter a reboot loop.|
|CPA-4861||Fixed an issue where the DLL Security module raised a security event when a DLL on a stackwalk whitelist was also specified on a blacklist. Now, the whitelist takes precedence over the blacklist.|
|CPA-4813||Fixed an issue on Linux endpoints that caused Traps installation to fail when the logic used to determine the hostname of the endpoint did not match the actual hostname.|
|CPA-4741||Fixed an issue on Windows endpoints where the Traps agent would be deactivated when the default policy file was found empty thereby preventing additional policy updates.|
|CPA-4675||Fixed an issue where the Traps registry configuration could be overwritten when Traps Tampering Protection was enabled as part of an Agent Settings profile.|
|CPA-4604||Fixed an issue with the Ransomware Protection module which caused image loading delays with third-party applications.|
|CPA-4601||Fixed an issue on Linux endpoints where Traps prevented a cron job from running shell scripts due to a compatibility issue with glibc version 2.22.|
|CPA-4583||Fixed an issue on Linux endpoints where the Shellcode Protection module raised security events when the module identified a return address in a non-executable region of the process. Now, the Shellcode Protection module only raises events when the return address is to an executable region.|
|CPA-3352||Fixed an issue on endpoints running Windows 10 Insider Preview where the Windows Defender Security Center displayed Virus & threat protection as Unknown and displayed Status unavailable for Traps even though Traps successfully registered with the Security Center and was available.|
|CPA-3134||Fixed an issue where the local Traps database accepted unreadable data (serialized non-UTF8 strings) which could partially or fully corrupt the local database.|
Traps Agent 5.0.5 Addressed Issues
|CPA-4485||Fixed an issue on Mac endpoints where Traps reported security events for legitimate processes when the queue of protected processes became obsolete after a period of inactivity and a process ID (PID) was reused. Now, Traps clears the queue of terminated processes at regular intervals to prevent PID reuse.|
|CPA-4427||Fixed an issue on Windows 10 virtual machines and new installations on macOS 10.14 where the Traps console did not reflect the current protection state on the endpoint when the network was disconnected or immediately following the end of the installation.|
|CPA-4422||Fixed an issue where Traps did not apply tampering protection to the parent directory of the Traps installation.|
|CPA-4334||Fixed a performance issue where Traps caused delays opening large files from network shares.|
|CPA-4232||Fixed an issue on Mac endpoints where Traps did not provide visibility when Traps was not approved as a kernel extension provider and thus caused Traps to operate in incompatible mode. Now, Traps logs an event when the kernel extensions are not enabled so that you can remedy the issue on the endpoint.|
|CPA-4198||Fixed an issue where the Traps agent experienced delays sending file reports to the Traps management service to obtain the WildFire verdict. Now, the Traps agent sends reports and verdict requests on the next periodic interval even if a security event was triggered in between.|
|CPA-4129||Fixed an issue on Mac endpoints running macOS
10.14.1 where after installing Traps, the agent started in incompatible
mode. This occurred in the following scenarios:|
|CPA-3868||Fixed an issue on endpoints running Windows 8 and later releases where Traps incorrectly DLL Security and UASLR exploit protection modules (EPMs) triggered events reported events incorrectly. This was due to a memory mapping issue with the EPMs.|
|CPA-3780||Fixed an issue where you could not install Traps on a Windows Server 2003 SP2 x86 endpoints when third-party software that injects into similar processes—such as McAfee—was installed.|
|CPA-3779||Fixed an issue where you could not install Traps on a Windows Server 2003 SP2 x86 endpoints when third-party software that injects into similar processes—such as McAfee—was installed.|
|CPA-3413||Fixed an issue where the Traps agent reported the old agent version following an upgrade from the Endpoint Security Manager to Traps management service. Now, Traps uses the agent version from cyvera service and not from the registry.|
|CPA-3287||Fixed an issue that occurred when Traps analyzed an Office file that contained a macro where Traps caused delays in the startup of the process opening the file.|
Traps Agent 5.0.4 Addressed Issues
|CPA-3850||Fixed an issue where the Actions Tracker on the Traps management service reported that successful agent upgrades had failed. With this fix, Traps agents running 5.0.4 and above will correctly report successful upgrades.|
|CPA-3833||Fixed an issue that caused delays with Traps startup when a network error occurred on the endpoint.|
|CPA-3634||Fixed an issue with VDI where after a user logged out and back in, the Traps agent did not re-register with the Traps management service.|
|CPA-3597||Fixed an issue that occurred after you removed a hash exception from the Traps management service where the Traps agent failed to check in with the Traps management service, and therefore did not obtain the latest policy.|
|CPA-3555||Fixed an issue on Mac endpoints, where the Traps icon was hidden intermittently in the menu bar following a reboot.|
|CPA-3497||Fixed an issue on Windows 8.1, Windows 10, Windows Server 2012, and Windows Server 2016 where Sysprep failed and the endpoint could not finish booting when you enabled registry values protection.|
|CPA-3496||Fixed an issue where some Traps EPMs—such as DLL Security—caused a process to crash if Traps could not analyze opcodes.|
|CPA-3440||Fixed an issue on Windows endpoints where Traps did not apply policy to Active Directory users and groups.|
|CPA-3414||Fixed an issue on remote desktop sessions to RDS servers where Traps reported the username of the console user instead of the logged on user with analytics for a file.|
|CPA-3404||Fixed an issue on virtual machines where Traps reported changes to the unique ID associated with the endpoint resulting in excess license consumption.|
|CPA-3018||Fixed an issue encountered during scanning where Traps reported file errors for page, swap, and hibernation system files.|
|CPA-1861||Fixed an issue where the Traps agent took up to five minutes to send changes to endpoint details—such as username, user domain, or hostname—after an endpoint restarted.|
|CPA-1768||Fixed an issue that occurred when a remote user logged into a Remote Desktop Server, where Traps did not capture the name of the remote user and, as a result, identified the user as undefined in logs.|
Traps Agent 5.0.3-h1 Addressed Issues
|CPA-3569||Fixed an issue that prevented you from excluding Traps agent traffic via a proxy server from SSL decryption. Now, you can use the agent-user information supplied during the Traps connection request to the server to filter out Traps agent traffic from SSL decryption.|
|CPA-3554||Fixed an issue that caused high memory consumption on Windows endpoints.|
|CPA-3548||Fixed an issue on 64-bit Windows endpoints with Traps 5.0 releases earlier than 126.96.36.199921, where memory consumption increased over time due to a leak of native 64-bit processes that are protected by Traps.|
|CPA-3436||Fixed an issue with the Kernel Escalation Privilege exploit protection module which caused high CPU consumption on Linux endpoints.|
Traps Agent 5.0.3 Addressed Issues
Fixed an issue on Linux endpoints where Traps installation failed when multiple OpenSSL Red-hat Package Manager (RPM) packages were also installed.
Traps Agent 5.0.2 Addressed Issues
Fixed an issue with identification of VDI in VMWare Horizon View and Hyper-V environments and made general back-end improvements for VDI deployments.
Traps Agent 5.0.1 Addressed Issues
Fixed an issue in the Traps management service web interface where the Endpoints page did not display the domain name for agents (in the host Name column) after the virtual machines they ran on were shut down.
Fixed an issue on Windows Server 2003 endpoints where, after you migrated to Traps agent 5.0 from an earlier version, the endpoints could not connect to the Traps management service.
Fixed an issue where, after you migrated to Traps agent 5.0, the Traps local analysis service consumed all the CPU usage on an endpoint.
Fixed an issue where clicking Check In Now in the Traps agent console disconnected the agent from the Traps management service after you configured a malware profile with a Parent Process Name that exceeded 250 characters (ProfilesWindows<malware_profile>).
Fixed an issue where the Traps local analysis service consumed high CPU usage on an endpoint that several users used simultaneously.
Fixed an issue where the Traps Logs Utility (GetLogsUtilAgent.exe/Getlogsutil.exe) stopped working as soon as you ran it. (The utility is used to collect support logs when the Traps agent stops responding.)
Fixed an issue where the CLI help for the cytool vdi command displayed the wrong description: Initiate Check-inNow <send heartbeat to server>. With this fix, the command help displays the following description:
> cytool vdi /? Perform VDI operations Usage: cytool vdi operation operation One of the following: update Update Golden Image name in registry
|CPA-1942||Fixed an issue that occurred when you first installed the Traps agent where the Traps management service took up to one hour to display the associated content and agent version.|
Traps Agent 5.0.0 Addressed Issues
Addressed Issues in Traps agent 5.0.0
Fixed an issue on Windows 10 endpoints where, after you installed the latest Windows update and opened a Windows program, Traps injection caused WoW64 (Windows 32-bit on Windows 64-bit) processes to stop responding.
Addressed Issues for Android, Chrome, Windows, Windows 10 UWP, Mac, and Linux
See the list of addressed issues in GlobalProtect app 5.0 for Android, Chrome, Windows, Windows 10 UWP, Mac, and Linux. ...
Addressed Issues for iOS
This topic describes the issues addressed in GlobalProtect app 5.0 for iOS. ...
Features Introduced in Traps Agent
Features Introduced in Traps Agent 5.0 The following topics describe the new features introduced in Traps agent 5.0 releases. Features Introduced in Traps Agent 5.0.7 ...
Traps Agent 5.0 for Windows
To uninstall, use, and upgrade the Traps agent 5.0 on Windows endpoints, see the references in this topic. ...
Traps Agent Release Information
Traps Agent Release Information Features Introduced in Traps Agent 5.0 Changes to Default Behavior Changes to Default Behavior in Traps 5.0 releases. Limitations Associated Software ...
Use the Traps Agent for Windows
Use the Traps console to view the agent status, initiate a connection to the server, view and send logs, view security events that occurred on ...
Install the Traps Agent for Windows
Use the following workflows to install the Traps agent 5.0 on Windows endpoints. This topic provides options to use the MSI, Msiexec, and how to ...