June 1, 2023 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
|---|
21.2.603 22.1.303 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix. (For more information, see the note above)
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Version 21.2.603
Issue |
Area |
Description |
Required Update |
Sensor OS |
|---|---|---|---|---|
DFND-43432 |
Mac sensors |
In random cases, on sensors running on macOS machines, when the machine restarted, the Anti-Malware > Signatures database reverted to the first version instead of maintaining the current version. This resulted in unnecessary redownloads of the signatures database to the sensor. We have resolved this issue and the Signatures database version is persisted after the machine restart. |
Sensor and server |
macOS |
DFND-43494 |
Mac sensors |
In recent Cybereason versions, when upgrading sensors through the System > Sensors screen, for sensors running on macOS with 2-way SSL enabled, after the upgrade the sensors were unable to connect to the Cybereason platform. We have resolved this issue and all Mac sensors using 2-way SSL are able to successfully connect to the Cybereason platform after upgrade. |
Sensor and server |
macOS |
DFND-43950 |
Detection rules, MalOp details |
In some cases, associated suspicions for some MalOps were not included in the MalOp details. As a result, you were not able to see the full scope of the MalOp and related activity and prioritize the analysis and triage appropriately We have resolved this issue and related suspicions for MalOps should always be part of the MalOp details for MalOps. |
Server |
N/A |
Version 22.1.303
Issue |
Area |
Description |
Required Update |
Supported OS |
|---|---|---|---|---|
N/A |
NGAV |
Predictive Ransomware Protection is now generally available. This new type of ransomware protection uses a multi-layered detection mechanism to identify typical ransomware behavior and prevent unknown strains of ransomware. This feature now appears by default in the Sensor Policy screen. The legacy Anti-Ransomware feature is still available, and should be used for sensor versions prior to 22.1.303. Learn more Important: Please make sure to update your sensors to the latest version before enabling Predictive Ransomware Protection, to avoid endpoint compatibility issues. |
Sensor and server |
Windows |
N/A |
EPP Dashboard |
In environments with the new Data Platform infrastructure, the EPP Dashboard screen is now generally available. |
Server |
N/A |
DFND-44828 |
Sensor installation |
You can now uninstall sensors from the Sensors screen even for sensors with Sensor Tampering protection enabled. |
Sensor and server |
Windows |
DFND-37258 |
Server performance |
When trying to view any of the tabs in the System screen (such as System > Sensors, System > Overview, and so forth), sometimes the Cybereason UI experienced unexpected performance with slow load times, such as when many different remediation requests were performed in a short time period. We have resolved this error and screens in the Cybereason UI should load even when other requests are being processed by the Cybereason platform’s servers. |
Server |
N/A |
DFND-39353 |
Sensor installation/upgrade |
When performing the steps required for mitigation of the CVE-2013-3900 vulnerability, it was not possible to install or upgrade sensors on the machine. We have resolved this issue and you can install/upgrade sensors on a machine even with the mitigations for CVE-2013-3900 applied on a machine. |
Sensor and server |
Windows |
DFND-43432 |
Mac sensors |
In random cases, on sensors running on macOS machines, when the machine restarted, the Anti-Malware > Signatures database reverted to the first version instead of maintaining the current version. This resulted in unnecessary redownloads of the signatures database to the sensor. We have resolved this issue and the Signatures database version is persisted after the machine restart. |
Sensor and server |
macOS |
DFND-43494 |
Mac sensors |
In recent Cybereason versions, when upgrading sensors through the System > Sensors screen, for sensors running on macOS with 2-way SSL enabled, after the upgrade the sensors were unable to connect to the Cybereason platform. We have resolved this issue and all Mac sensors using 2-way SSL are able to successfully connect to the Cybereason platform after upgrade. |
Sensor and server |
macOS |
DFND-43754 |
Linux sensors, Proxy |
On Linux sensors, when proxy connection details were added for a sensor with a personalized sensor, the Anti-Malware Signatures service on the sensor did not receive the proxy connection settings and required a restart of the sensor for the proxy connection settings to take effect. We have fixed this issue and the proxy connection settings propagate to the Anti-Malware service correctly. |
Sensor and server |
Linux |
DFND-43950 |
Detection rules, MalOp details |
In some cases, associated suspicions for some MalOps were not included in the MalOp details. As a result, you were not able to see the full scope of the MalOp and related activity and prioritize the analysis and triage appropriately We have resolved this issue and related suspicions for MalOps should always be part of the MalOp details for MalOps. |
Server |
N/A |