Addressed Issues in Traps Agent 5.0.12-hotfix
The following has been addressed in this release for build number:
Windows - 5.0.12.65273
Issue ID | Description |
---|---|
CPATR-17434 | Moved the Generate Support File function from the agent home screen to a cytool command. |
Addressed Issues in Traps Agent 5.0.12-hotfix
The following has been addressed in this release for build number:
Windows - 5.0.12.40819
Issue ID | Description |
---|---|
CPATR-12633 (Windows) | Fixed security issues. |
CPATR-13405 (Windows) | Fixed security issue. |
CPATR-14895 | Fixed an issue where Cortex XDR agents running without trusting certificates “GlobalSign Root CA” may encounter issues downloading upgrade packages and content updates, and may also affect large scans verdict retrieval. |
CPATR-13408 (Windows) | Fixed security issue. |
CPATR-13480 (Windows) | Fixed security issue. |
Addressed Issues in Traps Agent 5.0.12
Issue ID | Description |
---|---|
CPATR-13480, CPATR-13408, CPATR-13405, CPATR-12633 | Addressed security issues. |
Addressed Issues in Traps Agent 5.0.11
Issue ID | Description |
---|---|
CPATR-12649, CPATR-11311 | Fixed an issue where the agent did not detect the existence of a macro within a Microsoft Office document. |
CPATR-12507, CPATR-11927 | Addressed security issues. |
CPATR-12009 | Fixed an issue where the agent did not analyze the macro content within a Microsoft Office document. |
CPATR-10687 | Fixed an issue where the agent did not report post detection events of Microsoft Office files with macros to the management server. NoteIn case of post detection events of Office file with macros, the agent does not terminate the source process regardless of the applied Malware Profile. |
Addressed Issues in Traps Agent 5.0.10
Issue ID | Description |
---|---|
CPATR-10427 | On Windows endpoints, fixed an issue where the agent displayed a notification about quarantined files even though the agent was configured to hide the notification. |
CPATR-9871 | Addressed security issues. |
Addressed Issues in Traps Agent 5.0.9
There are no addressed issues in this release.
Addressed Issues in Traps Agent 5.0.8
Issue ID | Description |
---|---|
CPATR-7900 | Fixed an issue that occurred after a malware scan completed where Traps reported duplicate scan completion events to Traps management service. |
CPATR-7853 | Fixed an issue on Windows VDI where Traps could not generate a Tech Support File if you used Roaming User Profiles. |
CPATR-7839 | Fixed an issue where the Traps console displayed a disabled status when policy was enabled. |
CPATR-7609 | Fixed an issue on Windows Server 2003 SP2 where Traps failed to detect user proxy settings. when the settings are defined for a local administrator account. |
CPATR-7465 | Fixed a high CPU consumption issue on endpoints running Windows XP. |
CPATR-7050 | Fixed an issue where the Traps agent console reported the agent was Connecting instead of Disabled after Exploit and Malware policies were disabled through the Traps management service. |
CPATR-6892 | Fixed a performance issue that occurred when Traps attempted to examine a corrupt document. |
CPATR-6464 | Fixed an issue where Traps displays the status of the agent as Connecting instead of Unlicensed when an unlicensed agent attempted to connect to Traps management service. |
Addressed Issues in Traps Agent 5.0.7
Issue ID | Description |
---|---|
CPA-6123 | Fixed an issue on Windows 10 endpoints that had |
CPA-6084 | Fixed an issue on Windows endpoints where an endpoint scan could not complete due to a corrupted Object Linking and Embedding (OLE) file. |
CPA-6015 | Fixed an issue with error handling on Windows endpoints where, in rare cases, Traps changed the Last Error value. |
CPA-5985 | Fixed an issue on Windows 8 and Windows Server 2012 and later endpoints where if you used Offloaded Data Transfers (ODX), you experienced slowness copying and moving files between Intelligent Storage Arrays (ISAs). Now, you can copy and move files without experiencing any degradation in performance. |
CPA-5933 | When you use a GPO to deploy Traps on Windows endpoints, assigning the policy to Active Directory users (instead of computers) causes subsequent attempts to uninstall or upgrade the Traps agents to fail. To ensure upgrades and uninstalls succeed, verify that the GPO command line does not include the ALLUSERS parameter (with any values). |
CPA-5816 | Fixed an issue which caused high CPU utilization on Windows endpoints due to gRPC. |
CPA-5733 | Fixed an issue where the Traps management service sent updates to Traps agents without the distribution ID, causing the agents to become disconnected. |
CPA-5161 | Fixed an issue where TLAService—which is primarily responsible for the Traps local analysis module—failed to initialize when the system account specified in the %TMP% environment variable was not reachable. |
CPA-4725 | Fixed an issue where periodic scanning caused the file streaming mechanisms of Microsoft OneDrive and Google Drive to sync locally, which resulted in high local disk space consumption for files that should have been stored in the cloud. |
CPA-4724 | Fixed an issue where some Traps EPMs raised a security event for processes that were whitelisted instead of allowing them to run. |
CPA-3358 | Fixed an issue on Windows endpoints, where the Traps management service prevented the completion of Microsoft Office application crash recovery. |
Addressed Issues in Traps Agent 5.0.6
Issue ID | Description |
---|---|
CPA-4937 | Fixed an issue with error handling where multiple attempts to load Traps DLLs caused failures during the process initialization flow which resulted in a prevention or halted a Traps process. |
CPA-4904 | Fixed an issue that occurred when Symantec Endpoint Protection was installed in parallel with Traps where the lsass.exe process halted suddenly and caused the endpoint to enter a reboot loop. |
CPA-4861 | Fixed an issue where the DLL Security module raised a security event when a DLL on a stackwalk whitelist was also specified on a blacklist. Now, the whitelist takes precedence over the blacklist. |
CPA-4813 | Fixed an issue on Linux endpoints that caused Traps installation to fail when the logic used to determine the hostname of the endpoint did not match the actual hostname. |
CPA-4741 | Fixed an issue on Windows endpoints where the Traps agent would be deactivated when the default policy file was found empty thereby preventing additional policy updates. |
CPA-4675 | Fixed an issue where the Traps registry configuration could be overwritten when Traps Tampering Protection was enabled as part of an Agent Settings profile. |
CPA-4604 | Fixed an issue with the Ransomware Protection module which caused image loading delays with third-party applications. |
CPA-4601 | Fixed an issue on Linux endpoints where Traps prevented a cron job from running shell scripts due to a compatibility issue with glibc version 2.22. |
CPA-4583 | Fixed an issue on Linux endpoints where the Shellcode Protection module raised security events when the module identified a return address in a non-executable region of the process. Now, the Shellcode Protection module only raises events when the return address is to an executable region. |
CPA-3352 | Fixed an issue on endpoints running Windows 10 Insider Preview where the Windows Defender Security Center displayed Virus & threat protection as Unknown and displayed Status unavailable for Traps even though Traps successfully registered with the Security Center and was available. |
CPA-3134 | Fixed an issue where the local Traps database accepted unreadable data (serialized non-UTF8 strings) which could partially or fully corrupt the local database. |
Addressed Issues in Traps Agent 5.0.5
Issue ID | Description |
---|---|
CPA-4485 | Fixed an issue on Mac endpoints where Traps reported security events for legitimate processes when the queue of protected processes became obsolete after a period of inactivity and a process ID (PID) was reused. Now, Traps clears the queue of terminated processes at regular intervals to prevent PID reuse. |
CPA-4427 | Fixed an issue on Windows 10 virtual machines and new installations on macOS 10.14 where the Traps console did not reflect the current protection state on the endpoint when the network was disconnected or immediately following the end of the installation. |
CPA-4422 | Fixed an issue where Traps did not apply tampering protection to the parent directory of the Traps installation. |
CPA-4334 | Fixed a performance issue where Traps caused delays opening large files from network shares. |
CPA-4232 | Fixed an issue on Mac endpoints where Traps did not provide visibility when Traps was not approved as a kernel extension provider and thus caused Traps to operate in incompatible mode. Now, Traps logs an event when the kernel extensions are not enabled so that you can remedy the issue on the endpoint. |
CPA-4198 | Fixed an issue where the Traps agent experienced delays sending file reports to the Traps management service to obtain the WildFire verdict. Now, the Traps agent sends reports and verdict requests on the next periodic interval even if a security event was triggered in between. |
CPA-4129 | Fixed an issue on Mac endpoints running macOS 10.14.1 where after installing Traps, the agent started in incompatible mode. This occurred in the following scenarios:
|
CPA-3868 | Fixed an issue on endpoints running Windows 8 and later releases where Traps incorrectly DLL Security and UASLR exploit protection modules (EPMs) triggered events reported events incorrectly. This was due to a memory mapping issue with the EPMs. |
CPA-3780 | Fixed an issue where you could not install Traps on a Windows Server 2003 SP2 x86 endpoints when third-party software that injects into similar processes—such as McAfee—was installed. |
CPA-3779 | Fixed an issue where you could not install Traps on a Windows Server 2003 SP2 x86 endpoints when third-party software that injects into similar processes—such as McAfee—was installed. |
CPA-3413 | Fixed an issue where the Traps agent reported the old agent version following an upgrade from the Endpoint Security Manager to Traps management service. Now, Traps uses the agent version from cyvera service and not from the registry. |
CPA-3287 | Fixed an issue that occurred when Traps analyzed an Office file that contained a macro where Traps caused delays in the startup of the process opening the file. |
Addressed Issues in Traps Agent 5.0.4
Issue ID | Description |
---|---|
CPA-3850 | Fixed an issue where the Actions Tracker on the Traps management service reported that successful agent upgrades had failed. With this fix, Traps agents running 5.0.4 and above will correctly report successful upgrades. |
CPA-3833 | Fixed an issue that caused delays with Traps startup when a network error occurred on the endpoint. |
CPA-3634 | Fixed an issue with VDI where after a user logged out and back in, the Traps agent did not re-register with the Traps management service. |
CPA-3597 | Fixed an issue that occurred after you removed a hash exception from the Traps management service where the Traps agent failed to check in with the Traps management service, and therefore did not obtain the latest policy. |
CPA-3555 | Fixed an issue on Mac endpoints, where the Traps icon was hidden intermittently in the menu bar following a reboot. |
CPA-3497 | Fixed an issue on Windows 8.1, Windows 10, Windows Server 2012, and Windows Server 2016 where Sysprep failed and the endpoint could not finish booting when you enabled registry values protection. |
CPA-3496 | Fixed an issue where some Traps EPMs—such as DLL Security—caused a process to crash if Traps could not analyze opcodes. |
CPA-3440 | Fixed an issue on Windows endpoints where Traps did not apply policy to Active Directory users and groups. |
CPA-3414 | Fixed an issue on remote desktop sessions to RDS servers where Traps reported the username of the console user instead of the logged on user with analytics for a file. |
CPA-3404 | Fixed an issue on virtual machines where Traps reported changes to the unique ID associated with the endpoint resulting in excess license consumption. |
CPA-3018 | Fixed an issue encountered during scanning where Traps reported file errors for page, swap, and hibernation system files. |
CPA-1861 | Fixed an issue where the Traps agent took up to five minutes to send changes to endpoint details—such as username, user domain, or hostname—after an endpoint restarted. |
CPA-1768 | Fixed an issue that occurred when a remote user logged into a Remote Desktop Server, where Traps did not capture the name of the remote user and, as a result, identified the user as undefined in logs. |
Addressed Issues in Traps Agent 5.0.3-h1
Issue ID | Description |
---|---|
CPA-3569 | Fixed an issue that prevented you from excluding Traps agent traffic via a proxy server from SSL decryption. Now, you can use the agent-user information supplied during the Traps connection request to the server to filter out Traps agent traffic from SSL decryption. |
CPA-3554 | Fixed an issue that caused high memory consumption on Windows endpoints. |
CPA-3548 | Fixed an issue on 64-bit Windows endpoints with Traps 5.0 releases earlier than 5.0.3.38921, where memory consumption increased over time due to a leak of native 64-bit processes that are protected by Traps. |
CPA-3436 | Fixed an issue with the Kernel Escalation Privilege exploit protection module which caused high CPU consumption on Linux endpoints. |
Addressed Issues in Traps Agent 5.0.3
Issue ID | Description |
---|---|
CPA-2814 | Fixed an issue on Linux endpoints where Traps installation failed when multiple OpenSSL Red-hat Package Manager (RPM) packages were also installed. |
Addressed Issues in Traps Agent 5.0.2
Issue ID | Description |
---|---|
CPA-3130 | Fixed an issue with identification of VDI in VMWare Horizon View and Hyper-V environments and made general back-end improvements for VDI deployments. |
Addressed Issues in Traps Agent 5.0.1
Issue ID | Description |
---|---|
CPA-2723 | Fixed an issue in the Traps management service web interface where the Endpoints page did not display the domain name for agents (in the host Name column) after the virtual machines they ran on were shut down. |
CPA-2722 | Fixed an issue on Windows Server 2003 endpoints where, after you migrated to Traps agent 5.0 from an earlier version, the endpoints could not connect to the Traps management service. |
CPA-2697 | Fixed an issue where, after you migrated to Traps agent 5.0, the Traps local analysis service consumed all the CPU usage on an endpoint. |
CPA-2681 | Fixed an issue where clicking Check In Now in the Traps agent console disconnected the agent from the Traps management service after you configured a malware profile with a Parent Process Name that exceeded 250 characters ( → → ). |
CPA-2679 | Fixed an issue where the Traps local analysis service consumed high CPU usage on an endpoint that several users used simultaneously. |
CPA-2559 | Fixed an issue where the Traps Logs Utility (GetLogsUtilAgent.exe/Getlogsutil.exe) stopped working as soon as you ran it. (The utility is used to collect support logs when the Traps agent stops responding.) |
CPA-2525 | Fixed an issue where the CLI help for the > |
CPA-1942 | Fixed an issue that occurred when you first installed the Traps agent where the Traps management service took up to one hour to display the associated content and agent version. |
Addressed Issues in Traps Agent 5.0.0
Addressed Issues in Traps agent 5.0.0
Issue ID | Description |
---|---|
CPA-2590 | Fixed an issue on Windows 10 endpoints where, after you installed the latest Windows update and opened a Windows program, Traps injection caused WoW64 (Windows 32-bit on Windows 64-bit) processes to stop responding. |