Addressed Issues in Cortex XDR Agent 7.9-CE - Release Notes - 7.9ce - Cortex XDR - Cortex XDR Agent - Advanced Endpoint Protection - Cortex - Security Operations

Cortex XDR Agent Release Notes

Product
Cortex XDR
Cortex XDR Agent
Version
7.9ce
Creation date
2024-05-02
Last date published
2024-05-20
Category
Release Notes
Abstract

Addressed issues in Cortex XDR agent 7.9-CE release for Windows, macOS, iOS, and Linux.

Addressed issues in Cortex XDR agent 7.9-CE

Issue

Description

CPATR-19305

Fixed an issue where corruption of internal files may lead to agent instability.

CPATR-19140

Fixed an issue where the causality termination did not detect the source process correctly.

CPATR-19009

(Windows)

Fixed an issue where a Windows function registry key was created falsely, which led to the creation of empty user profiles, resulting in a compatibility issue with SCCM deployment.

CPATR-18979

(Windows)

Fixed an issue with driver unload on Windows 11 22H2 where the endpoint may come to a halt.

CPATR-18967

(Mac)

Fixed an issue where running the uninstaller.sh may lead to slowness on external apps.

CPATR-18856

In Citrix App Layering, Cortex XDR from version 7.9.1 supports content update regardless of the agent installation type.

CPATR-18853

(Windows)

Fixed an issue of incorrect domain name extraction in Windows endpoints.

CPATR-18847

(Linux)

Fixed an issue that when running with aarch64 architecture, the agent shows as partially protected.

CPATR-18797

(Mac)

Fixed an issue where the cytool startup command didn't work as expected and required the user to first stop the agent's services.

CPATR-18757

(iOS)

Fixed an issue where the Cortex XDR icon was cropped during registration.

CPATR-18754

(Windows)

Fixed an issue where the agent console may have become unavailable due to a file load conflict.

CPATR-18628

(Linux)

Fixed an issue of a potential deadlock occurring during MMAP hook.

CPATR-18625

(VDI Windows)

Fixed an issue where the Microsoft Signature check in VDIs may impact boot time.

CPATR-18608

(Linux)

Fixed an issue where a scheduled scan runs incorrectly if a manual scan is triggered.

CPATR-18580

(Windows)

Fixed an issue that occurred when virtual USB Devices were removed.

CPATR-18342

(Windows)

Fixed an issue on Windows-based Cortex XDR agents where the Java Deserialization Protection (JDP) module was activated on incompatible Java processes that were executed early during system boot.

CPATR‑18374

Fixed an issue where multiple agents begin uploading at once which may lead to overload and too many request errors.

CPATR‑18332

Fixed an issue of redundant Check-In operation during VDI session registration.

CPATR‑18314

Fixed an issue where the virtual memory count is the same in every collection.

CPATR‑18185

Fixed an issue of data corruption caused by accumulation of large amounts of data.

CPATR‑18172

Fixed an issue which caused the audit log of a successful upgrade to be reported twice.

CPATR‑18144

Fixed an issue where XDR Agent makes continuous attempts to write to the EDR directory, even when failing to read the directory's size.

CPATR‑18115

Fixed an issue where periodic network scans did not obtain operating system details due to incorrect reporting of the XDR Agent's network interface subnet mask.

CPATR‑18108

Fixed an issue which caused some services to start automatically in safe mode.

CPATR‑18100

Fixed an issue with the 'cytool import content' command which caused the command to fail.

CPATR‑17994

Fixed an issue where Cortex XDR agent mishandled preventions when the allowlist exceeded a certain size

CPATR‑17886

Fixed an issue where Cortex XDR agent sometimes caused a deadlock in the java application during native library load.

CPATR‑17814

Fixed an issue which caused threat intel log errors when the IOC feature is disabled.

CPATR‑17807

(Windows)

Fixed an issue where missing or invalid timezone keys strings prevents XDR Agent from running scripts.

CPATR-17458

Fixed an issue which prevented the resolution of DNS requests in queries.

CPATR‑16542

Fixed an issue where XDR Agent may not parse the proxies list successfully, and continues to use incorrect proxies.

CPATR‑16452

Fixed an issue which caused the wrong location to be returned by DNS queries.

CPATR‑15809

(Windows)

Fixed an issue which made XDR Agent use the endpoint's DNS suffix instead of the actual domain name.

CPATR‑10830

Fixed an issue where the alert of a post detection termination event of multiple processes or applications does not list the process/application name.