July 7, 2023 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
|---|
21.2.640 22.1.341 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix. (For more information, see the note above)
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Version 21.2.640
Issue |
Area |
Description |
Required Update |
Sensor OS |
|---|---|---|---|---|
DFND-46765 |
NGAV |
When using NGAV on an endpoint machine, as a non-admin user on the machine, if you clicked the prompt from Windows Security Center to update the Cybereason signatures database, command window continued to display on the machine (while the update ran in the background), disrupting the work of the endpoint machine user. We have resolved this issue to ensure that the signature database update does not interfere with normal machine usage. |
Sensor and server |
Windows |
DFND-46902 |
Behavioral Execution Prevention |
When using Behavioral Execution Prevention, the cmstp_abnormal_execution and msexchange_owapool_webshell rules were causing the Cybereason platform to generate MalOps that were false positive MalOps. We have resolved this issue and these rules should no longer generate MalOps that are false positive. |
Sensor and server |
Windows |
Version 22.1.341
Issue |
Area |
Description |
Required Update |
Supported OS |
|---|---|---|---|---|
DFND-28668 |
Custom detection rules |
To help you build more useful custom detection rules, you can add Registry Event and File Event Elements in the rule logic. |
Server |
N/A |
DFND-44580 |
Sensor upgrade |
In recent versions, in some rare cases, when upgrading a sensor that had Behavioral Execution Prevention enabled, the sensor experienced the blue screen crash on a Windows machine and was unable to be used or restarted. We have resolved this error and machines with these options will upgrade without issues. |
Sensor and server |
Windows |
DFND-46703 |
Sensor installation |
The Repair option has been removed from all sensor installer workflows. This option is not supported by the Cybereason platform. |
Sensor and server |
Windows |
DFND-46902 |
Behavioral Execution Prevention |
When using Behavioral Execution Prevention, the cmstp_abnormal_execution and msexchange_owapool_webshell rules were causing the Cybereason platform to generate MalOps that were false positive MalOps. We have resolved this issue and these rules should no longer generate MalOps that are false positive. |
Sensor and server |
Windows |