November 8, 2020 Service Pack

The following Service Pack versions were released:

Versions (Sensor and Server)

19.1.300

19.2.201

20.1.361

The tables below describe the enhancements, fixed issues, and changes included in each version.

The Versions column indicates the versions that include the fix.
The Required Update column indicates if the fix requires sensor/server update.

IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.

Enhancements

Issue	Area	Description	Versions	Required Update	Sensor OS
CYBR-36391	Management	The Windows 20H2 operating system is now included in the System > Sensors screen’s OS version column.	19.1.300, 19.2.201, 20.1.361	Server	N/A
CYBR-33331	Sensor Platform	The Cybereason platform now supports sensors on Windows 10 20H2 (Windows 10 October 2020 Update).	19.1.300, 19.2.201, 20.1.361	Server	Windows
CYBR-36700	NGAV	To improve performance of Anti-Malware > Signature scans, Behavioral document protection is no longer triggered as part of On demand scans. Behavioral document protection is still triggered as part of On file access scans.	19.2.201, 20.1.361	Sensor	Windows
CYBR-35648	Detection	We have updated the workflow for using the Remote Shell utility when a user account has SSO sign-on enabled. Now, if SSO sign-on is enabled, a two-factor authentication code is not required in the Remote Shell dialog. In addition, if you select Secure mode, a two-factor authentication code is no longer needed.	20.1.361	Server	Windows
CYBR-35664	User Management	The following user management actions are now logged in the userAudit Syslog: Adding a user Deleting a user Editing a user’s profile	19.1.300, 19.2.201, 20.1.361	Server	N/A

Fixed issues

Issue	Area	Description	Versions	Required Update	Sensor OS
CYBR-34622	Detection	Sensors on version 20.1.280 on machines running Windows 10 X64 did not correctly uninstall due to a missing file. This issue has been resolved.	19.2.201, 20.1.361	Sensor	Windows
CYBR-35989	Detection	One of the Cybereason collections on macOS machines was using an internal OS X API which requires extended permissions. The use of this API resulted in error messages in the system log. This issue was resolved, the API is no longer used. As a result of this, the Module Element will not return results for investigation queries that use the Module Element for machines running macOS.	19.1.300, 19.2.201, 20.1.361	Sensor	macOS
CYBR-35844	Investigation	On the Investigation screen, the Limit results slider could not be set to 10k results. This issue has been resolved.	19.1.300, 19.2.201, 20.1.361	Server	N/A
CYBR-31192	Investigation	On the Investigation screen, if you tried to limit results before you ran a query, the Apply button was not visible on the Limit results pop up. This issue has been resolved.	19.1.300, 19.2.201, 20.1.361	Server	N/A
CYBR-35198	NGAV	If the underlying service for Application control failed to correctly start, the ActiveProbe log (C:ProgramDataapv2LogsCybereasonActiveProbe.log) received multiple errors. This issue has been resolved.	20.1.361	Sensor	Windows
CYBR-35296	Endpoint Cotrols	When a user added a removable device with a non-unique serial number to the Allowed devices area under Endpoint controls > Device control, the Cybereason platform did not successfully allow access to the device and caused other devices to be blocked. This issue has been resolved. Removable devices with a non-unique ID can now be added as allowed devices, as long as the device is used in the same port and computer. Otherwise, the Cybereason platform identifies the device based on the product and vendor names. For more details, see Find Device Details.	19.2.201, 20.1.361	Sensor	Windows
CYBR-30510	Malop Management	On the Malop details screen, PowerShell / .NET malops did not display the relevant detection value. This issue has been resolved.	20.1.361	Server	Windows
CYBR-22038	NGAV	On the Set Anti-Malware modes - Settings summary screen, we have removed a link to the documentation. For more information about setting the Anti-Malware malware mode, see Configure Sensor-Level Anti-Malware Modes.	19.1.300, 19.2.201, 20.1.361	Server	N/A
CYBR-32774	Sensor Management	Remains of sensor versions 17.x found in the Windows registry prevented a complete sensor upgrade when upgrading from the UI. This issue has been resolved.	19.1.300, 19.2.201, 20.1.361	Sensor	Windows
CYBR-36144	Sensor Management	Upgrading sensors to version 19.2 and above from the UI caused the machine to restart immediately. This issue has been resolved and sensors can be upgraded to version 19.2 and above without an immediate machine restart.	19.1.300, 19.2.201, 20.1.361	Sensor	Windows
CYBR-36348	Sensor Management	After upgrading sensors to version 20.1.289 and above, after a machine restart, the CrDrv service was not correctly enabled. This issue has been resolved.	20.1.361	Sensor	Windows
CYBR-36422	Sensor Management	The System > Dashboard screen, did not include Sensor version data. This issue has been resolved.	20.1.361	Server	N/A
CYBR-36504	Sensor Management	After navigating between pages within the System section of the UI, the title of the System > Dashboard page incorrectly displayed. This issue has been resolved.	20.1.361	Server	N/A
CYBR-36452	Sensor Management	On the System > Policies management screen, after you delete a policy, the Cybereason platform did not display the last policy in the grid correctly. This issue has been resolved.	20.1.361	Server	N/A
CYBR-30944	Sensor Management	On the System > Policies management screen, after you delete a policy, the policy was still visible until you refreshed the screen. This issue has been resolved.	20.1.361	Server	N/A
CYBR-35867	Sensor Management	The name of a sensor group could not contain Japanese characters. This issue has been resolved.	20.1.361	Server	N/A
CYBR-36116	Sensor Management	On the System screen, the action log was not sorted in chronological order. This issue has been resolved.	19.1.300, 19.2.201, 20.1.361	Server	N/A