January 11, 2023 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
|---|
22.1.228 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix. (For more information, see the note above)
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Included issues
Issue |
Area |
Description |
Required Update |
Supported OS |
|---|---|---|---|---|
N/A |
Investigation |
Environments with the newer platform architecture can now use the contains and does not contain operators when constructing queries instead of matches pattern and does not match pattern. |
Server |
N/A |
DFND-32203 |
Attack Tree |
At times, if the Attack Tree contained a large number of processes in the tree (both parent/ancestor and child/descendant processes), the Attack Tree did not load at all. We have updated the configuration used by the Cybereason platform to load the Attack Tree with a partial list of processes, even when the Tree contains a large number of processes. |
Server |
N/A |
DFND-37373 |
Sensor upgrade |
We have updated the sensor upgrade configuration used by the Cybereason platform to retry a sensor upgrade if the initial upgrade request fails. Previously, if an upgrade request failed, the platform reported an error and you needed to manually resolve the error. The sensor performs this retry up to five times. This feature is not generally available. Contact your Customer Success Manager to gain access to this feature. |
Sensor and server |
Windows |
DFND-31144 |
Sensor Performance |
In some cases, the sensor created multiple icons in the taskbar for a single sensor. We have resolved this error and the sensor displays only a single icon in the taskbar of the machine. |
Sensor and server |
Windows |
DFND-33658 |
Sensor uninstallation |
In the latest Cybereason version, after uninstalling a sensor from an endpoint machine with the Uninstall action in the Actions menu in the Sensors screen, the Sensors screen did not update the sensor’s status to reflect a successful uninstallation. We have resolved this issue and the sensor uninstall reports correctly. |
Server |
N/A |
DFND-35360 |
Malop comments |
In environments using the new Data Platform, when adding a comment to Malop in non-English languages (such as Japanese), the comments were displayed in the Malop with strange characters instead of the proper language characters. We have resolved this issue and comments should display correctly. |
Server |
N/A |
DFND-36206 |
Investigation |
When adding filters for Elements in an investigation query, for some Elements, unexpected filters, such as {{$ctrl.feature.translatedName}} were added as filters. We have resolved this issue and no unexpected filters should be available for Elements when building queries. |
Server |
N/A |
DFND-36241 |
Personal Firewall Control |
When adding custom firewall rules through a CSV file, you were unable to later edit the rule through the firewall rules table in your sensor policy. We have resolved this issue and you can now edit firewall rules even when they are created through a CSV file. |
Server |
N/A |
DFND-37217 |
Sensor upgrade |
In the latest Cybereason version, after performing a sensor upgrade, the value of the Last update status column in the System > Sensors screen did not update correctly to report the successful upgrade. We have resolved this issue and upgrade statuses for a successful upgrade report correctly. |
Server |
N/A |
DFND-37403 and DFND-37067 |
Sensor Performance |
On sensors on Linux machines, some machines reported very high memory and CPU usage. We have resolved this issue and sensors on Linux machines should run as expected with normal performance. |
Sensor and Server |
Linux |