Addressed issues in Cortex XDR agent 7.9-CE release for Windows, macOS, iOS, and Linux.
Cortex XDR Agent 7.9.103-CE Addressed Issues
The following issues have been resolved in this release.
Issue | Description |
---|---|
CPATR-24407 (Linux) | Fixed an issue where on rare occasions, the Cortex XDR agent may not load the Kernel module on SUSE Linux Enterprise Server 15.3. |
CPATR-24120 (Linux) | Increased the log level of a message that is issued when event collection fails to start. |
CPATR-23499 Windows | Fixed an issue where a short time lapse may have been encountered, in certain VPN solutions, before endpoint management recognized the protection status of the Cortex XDR agent after the machine boots up. |
Addressed Issues in Cortex XDR Agent 7.9.102-CE
The following issues have been resolved in this release.
Issue | Description |
---|---|
CPATR‑23360 (Linux) | Fixed an issue that may be encountered when running a clean installation with a package manager on a specific system configuration, where the clean installation may be deemed as an upgrade. |
CPATR-23265 | Fixed an issue so that files with special characters in the filename may be deleted with the destroy command. |
CPATR-22755 (Windows) | Fixed an issue that may cause user applications to get sharing violation errors when opening Office documents that have macros or portable executable files. |
CPATR-22636 (Windows) | Fixed an issue where consuming clipboard events may cause agent stability issues. |
CPATR-22565 (Windows) | Improvement made to the Cortex XDR agent security and stability posture. |
CPATR-22407 (Linux) | Fixed an issue where the upgrade flag is provided for clean install. |
CPATR-22247 | Fixed an issue that may impact endpoints that do not support the BMI2 instruction set. |
CPATR-22202 | Fixed an issue where for some alerts, the username field was not populated. |
CPATR-21933 (Linux) | Cortex XDR agents can be deployed in Linux environments where Pod Security Admission controller enforces Pod Security Standards. |
CPATR-21870 (Windows) | Fixed an issue that may lead to agent upgrade failure on non-US locale OS editions. |
CPATR-21825 (Windows) | Fixed an issue where persistent hash caching may cause system deadlocks during volume dismounting. |
CPATR-21465 (Linux) | Fixed an issue on RHEL 8 and RHEL 9-based endpoints that may prevent the Cortex XDR agent from starting correctly. |
CPATR-21445 (Linux) | Fixed an issue that may lead to agent processes timeout. |
CPATR-21331 (Windows) | Fixed an issue that may lead to high CPU resources on Windows Server endpoints. |
CPATR-21125 (Linux) | Fixed a rare issue that may cause Cortex XDR agent installation to fail. |
CPATR-20816 | Fixed an agent stability issue that may occur after multiple cases of endpoint hardboot or by file system failures. |
CPATR-20233 | Fixed an issue to ensure that an interrupted scheduled scan will resume scanning as close to the scheduled timeframe as possible. |
Addressed Issues In Cortex XDR Agent 7.9.101-CE
The following issues have been addressed in release 7.9.101-CE.
Issue | Description |
---|---|
CPATR-20548 (Windows) | Fixed an issue where local hash caching may impact application file access. |
CPATR‑20300 (Windows) | Fixed an issue that may cause instability when enabling injections with Driver Verifier enabled. |
CPATR‑20269 (Windows) | Fixed an issue that may cause the disk manager to handle detached virtual volumes incorrectly. |
CPATR‑20215 (MacOS) | Fixed an issue where the Cortex XDR agent console falsely reported a Cortex XDR endpoint as unprotected. |
CPATR-20174 | Added support for Amazon Linux 2023. |
CPATR-19959 (Windows) | Fixed an issue in the Java anti-deserialization protection module that may cause reporting of false positive alerts. |
CPATR-19823 (Windows) | Fixed an issue that may impact boot time of Windows 11-based endpoints where virtualization-based security (VBS) was enabled. |
CPATR-19721 | Fixed an issue where in some cases, file scans were incomplete and could lead to incorrect detection. |
CPATR-19716 | Fixed an issue that affected system extension memory in rare system cases. |
CPATR-19535 | Fixed an issue that falsely reported Cortex XDR agent operational status when some modules were disabled in the policy profile. |
CPATR-19245 | Fixed an issue where the Cortex XDR agent may face connection issues to the Cortex XDR server due to missing files. |
CPATR-18588 | Fixed an issue where applications may fail due to virtual memory reservations. |
CPATR-18293 | Fixed an issue where various file system volumes, such as CSV, VSS, and VHD, could not be excluded from monitoring. |
CPATR-17891 | Fixed an issue with Java module protection module that could lead to Java virtual machine incompatibilities. |
CPATR-15156 | Fixed an issue where performing a File Search action without removing the file, results in a no file_results report being sent to the server, leaving the action in the 'In Progress' state. |
Addressed issues in Cortex XDR agent 7.9-CE
Issue | Description |
---|---|
CPATR-19305 | Fixed an issue where corruption of internal files may lead to agent instability. |
CPATR-19140 | Fixed an issue where the causality termination did not detect the source process correctly. |
CPATR-19009 (Windows) | Fixed an issue where a Windows function registry key was created falsely, which led to the creation of empty user profiles, resulting in a compatibility issue with SCCM deployment. |
CPATR-18979 (Windows) | Fixed an issue with driver unload on Windows 11 22H2 where the endpoint may come to a halt. |
CPATR-18967 (Mac) | Fixed an issue where running the uninstaller.sh may lead to slowness on external apps. |
CPATR-18856 | In Citrix App Layering, Cortex XDR from version 7.9.1 supports content update regardless of the agent installation type. |
CPATR-18853 (Windows) | Fixed an issue of incorrect domain name extraction in Windows endpoints. |
CPATR-18847 (Linux) | Fixed an issue that when running with aarch64 architecture, the agent shows as partially protected. |
CPATR-18797 (Mac) | Fixed an issue where the cytool startup command didn't work as expected and required the user to first stop the agent's services. |
CPATR-18757 (iOS) | Fixed an issue where the Cortex XDR icon was cropped during registration. |
CPATR-18754 (Windows) | Fixed an issue where the agent console may have become unavailable due to a file load conflict. |
CPATR-18628 (Linux) | Fixed an issue of a potential deadlock occurring during MMAP hook. |
CPATR-18625 (VDI Windows) | Fixed an issue where the Microsoft Signature check in VDIs may impact boot time. |
CPATR-18608 (Linux) | Fixed an issue where a scheduled scan runs incorrectly if a manual scan is triggered. |
CPATR-18580 (Windows) | Fixed an issue that occurred when virtual USB Devices were removed. |
CPATR-18342 (Windows) | Fixed an issue on Windows-based Cortex XDR agents where the Java Deserialization Protection (JDP) module was activated on incompatible Java processes that were executed early during system boot. |
CPATR‑18374 | Fixed an issue where multiple agents begin uploading at once which may lead to overload and too many request errors. |
CPATR‑18332 | Fixed an issue of redundant Check-In operation during VDI session registration. |
CPATR‑18314 | Fixed an issue where the virtual memory count is the same in every collection. |
CPATR‑18185 | Fixed an issue of data corruption caused by accumulation of large amounts of data. |
CPATR‑18172 | Fixed an issue which caused the audit log of a successful upgrade to be reported twice. |
CPATR‑18144 | Fixed an issue where XDR Agent makes continuous attempts to write to the EDR directory, even when failing to read the directory's size. |
CPATR‑18115 | Fixed an issue where periodic network scans did not obtain operating system details due to incorrect reporting of the XDR Agent's network interface subnet mask. |
CPATR‑18108 | Fixed an issue which caused some services to start automatically in safe mode. |
CPATR‑18100 | Fixed an issue with the 'cytool import content' command which caused the command to fail. |
CPATR‑17994 | Fixed an issue where Cortex XDR agent mishandled preventions when the allowlist exceeded a certain size |
CPATR‑17886 | Fixed an issue where Cortex XDR agent sometimes caused a deadlock in the java application during native library load. |
CPATR‑17814 | Fixed an issue which caused threat intel log errors when the IOC feature is disabled. |
CPATR‑17807 (Windows) | Fixed an issue where missing or invalid timezone keys strings prevents XDR Agent from running scripts. |
CPATR-17458 | Fixed an issue which prevented the resolution of DNS requests in queries. |
CPATR‑16542 | Fixed an issue where XDR Agent may not parse the proxies list successfully, and continues to use incorrect proxies. |
CPATR‑16452 | Fixed an issue which caused the wrong location to be returned by DNS queries. |
CPATR‑15809 (Windows) | Fixed an issue which made XDR Agent use the endpoint's DNS suffix instead of the actual domain name. |
CPATR‑10830 | Fixed an issue where the alert of a post detection termination event of multiple processes or applications does not list the process/application name. |