Cylance Endpoint Security service updates
Management console and platform services
- Management console and platform services fixed issues
- Management console and platform services known issues
CylancePROTECT Desktop release notes
CylanceOPTICS release notes
- CylanceOPTICS fixed issues
- CylanceOPTICS known issues
CylancePROTECT Mobile release notes
- CylancePROTECT Mobile fixed issues
- CylancePROTECT Mobile known issues
CylanceGATEWAY release notes
- CylanceGATEWAY fixed issues
- CylanceGATEWAY known issues
CylanceAVERT release notes
- CylanceAVERT fixed issues
- CylanceAVERT known issues

CylanceOPTICS
known issues

If an upgrade for the

CylanceOPTICS

agent is interrupted or the extractor process is killed, subsequent attempts to upgrade the agent is not successful because the cypkg_temp folder was already created, and the installer could not complete the extraction operation. (EDR-21244)

Workaround
: Delete the cypkg_temp folder in the

CylanceOPTICS

installation directory.

On devices running

Windows

11 22H2 and

Intel

TDT is enabled, a bug check error occurs during the upgrade. (EDR-21136)

Workaround
: Disable

Intel

TDT on the device.

While loading file signatures the

CylanceOPTICS

agent locks the files, preventing other applications from modifying the file. (EDR-21117)

Workaround
: Create a detection exception in the console.

The

CylanceOPTICS

agent for

Linux

version 3.3 may return higher degradation than expected for nginx performance. (EDR-20098)

If you send the "Cylance - Browser History" package to

CylanceOPTICS

devices, the data collection does not work on

macOS

Linux

devices that have the

Chrome

Safari

browser open. (EDR-18709)

Workaround:
Instruct device users to close the browser session and send the package again.

The

CylanceOPTICS

agent version 3.3 added support for the

CylanceOPTICS

network sensor on

Linux

operating systems. Older distributions such as RHEL/CentOS 7.9 and earlier or

Oracle

Linux

Server (non-UEK) 7.9 and earlier that use kernels prior to 4.4 will not record IGMP or DNS. (EDR-17963, EDR-17964)

Due to a defect in

macOS

Ventura 13.0.0, if the

CylanceOPTICS

agent is installed on a device with

macOS

13.0.0 or a

CylanceOPTICS

device is upgraded to

macOS

13.0.0, the

CylanceOPTICS

agent may not be able to detect events. (EDR-14879)

Workaround:
To prevent this issue from occurring, install the agent on

macOS

Ventura 13.0.1 or later or upgrade directly to

macOS

Ventura 13.0.1 or later instead of 13.0.0. If you upgrade from 13.0.0 to 13.0.1 or later, remove the agent and install it again. If installing on 13.0.1 or later or upgrading to 13.0.1 or later is not possible at this time, remove full disk access for CyOptics and CyOpticsESFLoader then add full disk access for both again and restart the device.

Detection notifications do not work on devices with the following

Linux

distros:

CentOS 8.x

RHEL 8.x

Oracle

Linux

Server 8

Oracle

Linux

Server UEK 8

SUSE

Linux

Enterprise Server 12 and later

Ubuntu

18.04 and later

(EDR-11155)

When you try to unlock a partially locked device from the management console, it may not unlock as expected. This issue occurs intermittently. (EDR-9690)

Workaround:
Try to unlock the device again from the management console (Select Action > Unlock device), or use the unlock key.

The refract package for browser history that is available in the management console does not collect the expected data on

Linux

devices. (EDR-6917)

Section:

CylanceOPTICS release notes

CylanceOPTICS known issues

CylanceOPTICS
known issues