May 24, 2020 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
|---|
19.1.182 19.2.82 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix.
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Enhancements
Issue |
Area |
Description |
Versions |
Required Update |
Sensor OS |
|---|---|---|---|---|---|
CYBR-28142 |
OS Support |
Cybereason now supports sensor installation on Windows 10 May 2020 Update (Windows 10 20H1). |
19.0.0, 19.1.32, 19.2.0, 20.1.21 |
Sensor |
Windows |
CYBR-28798 |
Detection |
We have improved performance by optimizing the way sensors collect information about process modules. |
19.1.182, 19.2.82 |
Sensor |
Windows |
CYBR-30442 |
Endpoint Controls |
Personal firewall sensor improvements |
19.2.82 |
Sensor |
Windows |
CYBR-29388 |
NGAV |
If the name of a process was missed during collection, we have made an enhancement to .NET/PowerShell detection to provide the name of the process within the Malop. |
19.1.182, 19.2.82 |
Sensor |
Windows |
CYBR-29519 |
NGAV |
In rare cases, the .NET Malicious Floating Modules detection can cause misinterpretation of variable types in PowerShell. This was fixed for all versions with the Floating Modules feature (19.1+). |
19.1.182, 19.2.82 |
Sensor |
Windows |
CYBR-24694 |
Sensor Management |
To improve how policies are managed, it is now possible to delete a sensor policy from the System > Policy management screen. |
19.1.182, 19.2.82 |
Server |
N/A |
CYBR-29635 |
Sensor Management |
The Policy Columns (Assigned policy, Policy compliance, Policy ID and Policy Last update) on the System > Sensor screen are now hidden if they are not applicable |
19.1.182, 19.2.82 |
Server |
N/A |
Fixed issues
Issue |
Area |
Description |
Versions |
Required Update |
Sensor OS |
|---|---|---|---|---|---|
CYBR-30572 |
Detection |
The Detection server now ignores corrupted messages sent from sensors, improving performance and stability. |
19.1.182, 19.2.82 |
Server |
N/A |
CYBR-30286 |
Detection |
The process image file name can be changed several times during the process lifecycle. If this occurred, the sensor ignored it. This issue has been resolved. |
19.1.182, 19.2.82 |
Sensor |
Windows |
CYBR-23218 |
Endpoint Detection |
For endpoints running RedHat 8, the sensor is installed with errors due to problems with the lib-rpm library. As a result, when you run a query, the Process element does not provide any information in the ‘Company name’, ‘Signature Verified’, and ‘File is Signed’ features for all files on the relevant endpoint. |
19.1.182, 19.2.82 |
Sensor |
Linux |
CYBR-23241 |
Endpoint Detection |
DNS requests and responses are not collected for endpoints running RHEL 8. As a result, the DNS column is not displayed in the Investigation screen and you cannot view DNS query information. In addition, detections based on DNS collections are not triggered. |
19.1.182, 19.2.82 |
Sensor |
Linux |
CYBR-30155 |
NGAV |
When upgrading a sensor, the upgrade did not include the correct versions of the DLLs. This issue has now been resolved. We have also improved the way the NGAV feature accesses the Cybereason driver. |
19.1.182, 19.2.82 |
Sensor |
Windows |
CYBR-26401 |
NGAV |
An error in the translation for detection classification within Application Control and static analysis was fixed. |
19.1.182, 19.2.82 |
Server |
N/A |
CYBR-29738 |
Sensor Management |
Due to an OpenSSL issue, sensors crashed on machines with 10th Gen Intel Core processors. This issue has now been resolved. |
19.1.182, 19.2.82 |
Sensor |
Windows |
CYBR-24292 |
Sensor Management |
If too many waiting or pending actions were queued, the sensor action log did not clear old completed actions. This issue has been resolved and the rules for creating actions within the log have been improved. |
19.1.182, 19.2.82 |
Server |
N/A |
CYBR-29796 |
Sensor Management |
The email notification for archived sensors included both the total number of archived sensors and the number of sensors to be archived in the next 24 hours. This issue has been resolved. The email notification now only contains the number of sensors to be archived in the next 24 hours. |
19.1.182, 19.2.82 |
Server |
N/A |
CYBR-29495 |
Sensor Management |
If a disconnected sensor received multiple action requests, the initial request could not be aborted or dismissed. This issue has been resolved. |
19.1.182, 19.2.82 |
Server |
N/A |