August 13, 2023 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
---|
22.1.401 23.1.202 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix. (For more information, see the note above)
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Version 22.1.401
Issue |
Area |
Description |
Required Update |
Supported OS |
---|---|---|---|---|
DFND-49876 |
Investigation |
In Japanese environments, when exporting query results to a CSV file, the exported CSV file did not include the AM or PM designation on times. We have resolved this issue and the exported CSV files will now include the AM or PM with the time. |
Server |
N/A |
DFND-49398 |
Malops management |
In Japanese environments, In the MalOp details screen, we have updated the string 件を開始 (as part of the Process started/ended) to を開始 to make the string a more accurate translation. |
Server |
N/A |
DFND-49165 |
Sensor performance |
When upgrading sensors on Windows machines from recent versions, the sensor would not run as expected due to repeated crashes in the minionhost.exe process. We have resolved this issue and the sensors will upgrade successfully without the repeated crashes. |
Sensor and server |
Windows |
DFND-49016 |
Malops management |
In the MalOp details screen, if you selected the View activity since remediated option, no additional data displayed even though there had been associated activity for that MalOp. We have updated the View activity since remediation option to View activity since closed to more accurately reflect what the option displays. |
Server |
N/A |
DFND-48850 |
Sensor installation |
When installing Linux sensors, at times you would see warning messages in the installation logs about missing libraries, even though the sensor was working properly and the library may have been installed on the machine. We have updated the sensor installation logic and these warnings will be reported in a more meaningful way or not reported at all in some cases. |
Sensor and server |
Linux |
DFND-48616 |
User roles |
In a sensor policy, users with the System Viewer were unable to scroll and view the full list of exclusions available in the sensor policy. We have resolved this issue and users with this role will be able to scroll and see policy exclusions, not just the few exclusions that display in the first few rows of the table. |
Server |
N/A |
DFND-48512 |
Sensor upgrade |
In the most recent version, in some cases, when performing a sensor upgrade the sensor upgrade did not work and remained in progress indefinitely. We have resolved this issue and sensor upgrades will work properly. |
Sensor and server |
All |
DFND-47486 |
Device Control |
In the Device Control screen, at times, events that were reported on endpoint machines did not display on the Device Control screen. We have resolved this issue and events reported on the endpoint machine will also report on the Device Control screen. |
Sensor and server |
Windows |
DFND-47146 |
Remediation |
We have updated the logic used by the Cybereason platform’s file quarantine feature to ensure that the sensor cannot quarantine sensor-related files. |
Sensor and server |
All |
DFND-21874 |
User roles |
Users with the Sensor Admin L1 role can now assign sensors to any group and remove sensors from any group to which they have permissions. |
Server |
N/A |
DFND-6192 |
Malops |
We have made some adjustments to how the Cybereason platform retains data, especially related to MalOp details, to reduce the time for a MalOp to be generated and to ensure that as many details for the MalOp are reported in the MalOp details. |
Server |
N/A |
Version 23.1.202
Issue |
Area |
Description |
Required Update |
Supported OS |
---|---|---|---|---|
DFND-49876 |
Investigation |
In Japanese environments, when exporting query results to a CSV file, the exported CSV file did not include the AM or PM designation on times. We have resolved this issue and the exported CSV files will now include the AM or PM with the time. |
Server |
N/A |
DFND-49398 |
Malops management |
In Japanese environments, In the MalOp details screen, we have updated the string 件を開始 (as part of the Process started/ended) to を開始 to make the string a more accurate translation. |
Server |
N/A |
DFND-49016 |
Malops management |
In the MalOp details screen, if you selected the View activity since remediated option, no additional data displayed even though there had been associated activity for that MalOp. We have updated the View activity since remediation option to View activity since closed to more accurately reflect what the option displays. |
Server |
N/A |
DFND-49165 |
Sensor performance |
When upgrading sensors on Windows machines from recent versions, the sensor would not run as expected due to repeated crashes in the minionhost.exe process. We have resolved this issue and the sensors will upgrade successfully without the repeated crashes. |
Sensor and server |
Windows |
DFND-48850 |
Sensor installation |
When installing Linux sensors, at times you would see warning messages in the installation logs about missing libraries, even though the sensor was working properly and the library may have been installed on the machine. We have updated the sensor installation logic and these warnings will be reported in a more meaningful way or not reported at all in some cases. |
Sensor and server |
Linux |
DFND-48616 |
User roles |
In a sensor policy, users with the System Viewer were unable to scroll and view the full list of exclusions available in the sensor policy. We have resolved this issue and users with this role will be able to scroll and see policy exclusions, not just the few exclusions that display in the first few rows of the table. |
Server |
N/A |
DFND-48512 |
Sensor upgrade |
In the most recent version, in some cases, when performing a sensor upgrade the sensor upgrade did not work and remained in progress indefinitely. We have resolved this issue and sensor upgrades will work properly. |
Sensor and server |
All |
DFND-47146 |
Remediation |
We have updated the logic used by the Cybereason platform’s file quarantine feature to ensure that the sensor cannot quarantine sensor-related files. |
Sensor and server |
All |
DFND-32637 |
Behavioral allowlisting |
To help you build more effective behavioral allowlisting rules that address additional scenarios, you can now add Grandparent Process and Great-Grandparent Process Elements in the rule. |
Server |
N/A |
DFND-6192 |
MalOps |
We have made some adjustments to how the Cybereason platform retains data, especially related to MalOp details, to reduce the time for a MalOp to be generated and to ensure that as many details for the MalOp are reported in the MalOp details. |
Sensor and Server |
N/A |