Traps Agent Addressed Issues

List of addressed issues in Traps agent 6.1 releases.
The following tables lists the issues that are addressed in Traps agent 6.1 releases.

Traps Agent 6.1.3 Addressed Issues

Issue ID
Description
CPATR-7635
Fixed a memory leak that occurred on specific network hardware during event collection of network events.
CPATR-7577
Fixed an issue where ESM environments migrating to Traps management service cloud-based environments could not install Traps agent version 6.1.2 on Linux endpoints. Now in version 6.1.3, you can create an
Upgrade from ESM
agent installation package for Linux in Traps management service, upload it to ESM, and send out to all your agents for upgrade.
CPATR-7575
Fixed a compatibility issue with Traps and MicrosoftAppV, which caused the endpoint to become unresponsive sometimes.
CPATR-7545
Fixed an issue in the Traps upgrade process on Linux endpoints, where you had to restart the agent after Traps upgrade in order for the new kernel module to be updated.
CPATR-7509
Fixed an issue on Windows endpoints, where sometimes the Traps agent would time-out during certain file operations.
CPATR-7420
Fixed a performance issue that occurred when event-log messages were parsed without caching.
CPATR-7419
Fixed an issue on Linux endpoints, where injecting into processes caused them to hang.
CPATR-7408
Fixed an issue where Windows endpoints overloaded the endpoint kernel stack and became unresponsive if a large number of drivers, including Traps, attempted to load at the same time.
CPATR-7402
Fixed a performance issue that occurred due to redundant file calls when Traps tampering protection was enabled.
CPATR-7397
Fixed a compatibility issue where an agent running Traps version 6.1.2 could not connect to the Traps management service if the Palo Alto Networks firewall deployed in the environment was set to enable SSL Decryption.
CPATR-7396
Fixed a performance issue of increased compilation times for users on Mac endpoints running Traps.
CPATR-7360
Fixed an issue where the digital signer of the file was missing in the security event details extracted from the Traps endpoint during a scan.
CPATR-7342
Fixed an issue on Windows endpoints where Ransomware security events queried relative files by the file name instead of the file path.
CPATR-7311
Fixed an issue where after restating the endpoint, Traps became incompatible with the macOS running on the endpoint.
CPATR-2436
Fixed an issue where the Signer was not being reported back to Traps management service as part of the security event during the scanning of files on Traps endpoints.

Traps Agent 6.1.2 Addressed Issues

Issue ID
Description
CPA-7193
Improved Traps performance on Mac endpoints during heavy processes load on the endpoint.
CPA-7143
Fixed an issue where delayed, cached, queued, or heavy loads of data collection events cause a high memory usage for the cyveraservice.exe process.
CPA-7050
Fixed an issue where the Traps agent console reported the agent is Connecting instead of Disabled after Exploit and Malware policies were disabled through the Traps management service.
CPA-6881
Fixed a high memory consumption issue of the trapsd process on Mac endpoints.
CPA-6730
Fixed an issue that occurred when starting a VDI session, where the Traps console and Traps tray icon appeared to be disabled event though they were fully functional.
CPA-6666
Fixed a compatibility issues for the ROP Mitigation module with the vstfpd service.
CPA-6643
Improved the logic of identifying logged-in users so that Traps relies on the user SID, a unique Windows user security identifier, when the usernames in SAM and UPN accounts are different.
CPA-6588
Fixed an issue where a Traps agent would get disconnected from the Traps management service during a Live Terminal session. This occurred when Traps management service was downloading encrypted files (EFS) from Windows endpoints.
CPA-6567
On Linux endpoints, uninstalling Traps using the uninstall script fails if the trapsd server is down.
CPA-6513
Fixed an issue on Linux endpoints, where Traps could excessively print log messages to system logging infrastructure.
CPA-6381
Allowed for configurable timeout for policy updates on Linux endpoints.

Traps Agent 6.1.1 Addressed Issues

Issue ID
Description
CPA-6953
Fixed an issue on endpoints running Windows 7, where a Traps agent could halt when scanning loaded DLL files.
CPA-6893
Fixed a performance issue that occurred when Traps was calculating a process hash.
CPA-6892
Fixed a performance issue that occurred when Traps attempted to open a corrupt document.
CPA-6885
Fixed an issue where Mac endpoints running Traps 6.1 and Symantec would freeze upon shutdown.
CPA-6866
Fixed a driver compatibility issue on Mac endpoints running Symantec.
CPA-6840
Fixed an issue that occurred on Windows endpoints whose Agent Setting profile was configured to disable access to the Traps console on the endpoint. If you tried to access the console anyway, the system message wrongly stated that Traps has been disabled instead of indicating that your access to the Console has been disabled.
CPA-6786
When enabling Traps to monitor and collect data for sharing EDR data with other Cortex apps, Traps could halt if it attempted to reference a process that has already ended.
CPA-6782
Fixed an issue where the Traps agent reported to be working with the new content version even though the content update failed on the endpoint.
CPA-6651
Fixed a compatibility issue with CFG exports suppression on endpoints running Windows 10 RS2 Version 1703 (Build 15063) and later.
CPA-6586
Fixed an issue where a Mac agent that became unlicensed could not be uninstalled using the default system password.
CPA-6542
Now for Behavioral Threat events on Mac and Linux endpoints, the Analysis tab of the security event displays the correct year in the timeline.
CPA-6461
Fixed an issue on Windows endpoints where the incorrect content version number may be reported back to Traps management service in case of a communication error.
CPA-6344
Now you can upgrade Mac endpoints running Symantec to Traps 6.1.X version.
CPA-6315
Fixed an issue in non-persistent VDI environments, where Traps agents on Windows endpoints were unable to connect to the Traps management service but the endpoint details on Traps management service displayed an active status.
CPATR-6668
Fixed an issue where events where the evaluation of behavioral threat events caused high CPU usage on Windows endpoints.

Traps Agent 6.1.0 Addressed Issues

There are no addressed issues in 6.1.0.

Related Documentation