June 06, 2022 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
|---|
21.1.442 21.2.293 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix. (For more information, see the note above)
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Version 21.1.442
Issue |
Area |
Description |
Required Update |
Supported OS |
|---|---|---|---|---|
DFND-15182 |
Data collection (Windows) |
We have updated the detection rule logic for APC injections to minimize false-positive rate. |
Sensor and Server |
Windows |
DFND-16940 |
Windows AV |
We made configuration improvements to the archive scan to prevent it from timing out. |
Sensor and Server |
Windows |
DFND-13342 |
User Management |
Users with notifications enabled did not receive notifications that a Malop with an unknown detection type was created. This issue has been resolved. |
Server |
N/A |
Version 21.2.293
Issue |
Area |
Description |
Required Update |
Supported OS |
|---|---|---|---|---|
DFND-15182 |
Data collection (Windows) |
We have updated the detection rule logic for APC injections to minimize false-positive rate. |
Sensor and Server |
Windows |
CYBR-3469 |
Mac AV |
We improved how the sensor initiates signature-based detection so that it reaches a protected state even sooner. |
Sensor and Server |
macOS |
DFND-6581 |
Sensor Management |
On the System > Sensors > Deleted Sensors screen, we have added the Deleted by and Deleted date columns to help you understand more about a deleted sensor. |
Server |
N/A |
DFND-9947 |
SHA-based prevention support |
The Cybereason platform now supports prevention on Windows machines for items based on SHA-1 and SHA-256 hash values. Previous versions of Cybereason only supported prevention for MD5 hash values. This feature is disabled by default. This feature is not generally available. Contact your Customer Success Manager to get access to this feature. |
Sensor and Server |
Windows |
DFND-16940 |
Windows AV |
We made configuration improvements to the archive scan to prevent it from timing out. |
Sensor and Server |
Windows |
DFND-12516/DFND-3469 |
Sensor proxy connection |
We have updated the sensor configuration for proxy connection to better ensure that the sensor connects to the proxy when using the auto-detect mechanism on the sensor. |
Sensor and server |
Windows |
DFND-17049 |
Fileless Protection |
In sensor versions between 21.2.180 and 21.2.268, Fileless protection scans that received a null pointer in the source field caused application crashes. This issue has been resolved. |
Sensor and Server |
Windows |
DFND-16419 |
Remote Shell |
Users with the Responder L2 role were unable to open the Remote Shell utility from the Investigation screen. This issue has been resolved and these users can open a Remote Shell utility as expected. |
Server |
N/A |
DFND-13342 |
User Management |
Users with notifications enabled did not receive notifications that a Malop with an unknown detection type was created. This issue has been resolved. |
Server |
N/A |
DFND-17817 |
Sensors screen |
If a Detection Server was disconnected from the Web App server, the Sensors and Detection Servers screen did not load properly. This issue has been resolved and the Sensors/Detection Server screens in the Cybereason platform’s UI load properly. |
Server |
N/A |
DFND-20505 |
Sensor Platform |
In the latest version, when Application Control was enabled, file or folder rename operations on network drives failed. This issue has been resolved and all file or folder network rename operations work on the machine as expected. Learn more |
Sensor and server |
Windows |