Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black App Control (Previously known as CB Protection) Windows Agent Installer v8.5.0

Carbon Black App Control (Previously known as CB Protection) Windows Agent Installer v8.5.0

Posted 11/3/2020

Version: 8.5.0.103

Carbon Black App Control Windows Agent version 8.5.0

This zip file contains the CB App Control Windows Agent host package installer for version 8.5.0 compatible with the CB Protection Server version 8.1.4 or later.  

Please see the release notes for more information.

The Host Package Installer can only be used in conjunction with the CB Protection Server version 8.1.4 or later. You upload this package to the CB Protection Server using the instructions provided in the CB Protection 8.5.2 User Guide.

 WindowsHostPackageInstaller_8.5.0.103.193.exe - SHA256: d7735b457e1e095a35d6138f6a01f28e3d3b68bb38d29ce22c18527dfd25372d

Note: 

  • Depending on your CB Protection Server version, you may need to run the Certificate Installer before installing the 8.5.0 Windows agent.  You can see more information about the Certificate Installer here.  
  • For all new 8.1.4 and above installations and for upgrades that want the latest rules, a rules installer must also be uploaded to the server. 

Download:

Click here to download.

Comments

I get "Upload successful. Checking progress" and then "Installation failed" when I drop the host package installer in. Server is 8.1.8.258 and rules version 1.4.3.

Any ideas? 


@kgallagher4 Thank you for reaching out, the most common reasons are:

1. The server is not currently set in US - English. Setting the server to something besides US English can cause the installation to fail: https://community.carbonblack.com/t5/Knowledge-Base/CB-Protection-Unable-to-run-Host-Package-Install...

2. The service account for the servers is set to run as USERNAME@DOMAIN instead of DOMAIN\USERNAME: https://community.carbonblack.com/t5/Knowledge-Base/CB-Protection-Unable-to-run-Host-Package-Install...

3. Or if you have an agent installed from another server, its possible that the CB Protection Server Tamper Protection Rapid config rule needs temporarily disabled. 

 

With those said, I do highly recommend if the above items do not resolve the issue, that you reach out to Technical Support, for further troubleshooting. 

The update seems to get blocked pretty regularly before eventually working itself out, say after a few hours.  Anyone else see this?

@mgorton @jhuffman  My problem ended up being a cert chain issue.  The server was in high enforcement so the package was being blocked. 

Ineligible Reasons[CounterChainIdx[1] CertId[262] ValidationError[01010040:CERT_TRUST_REVOCATION_STATUS_UNKNOWN:CERT_TRUST_IS_PARTIAL_CHAIN:CERT_TRUST_IS_OFFLINE_REVOCATION]]

Running the validatecerts command on the server resolved the cert issue.

@kgallagher4   Thank you for that.  Running that on each endpoint seems to correct it on each one, however I'd like to prevent this in the future or try to get to the bottom of it, so I'll open a ticket.  Plus, needing to do this on all 600+ of our endpoints is a little cumbersome.

Should there still be errors for 'Invalid file format' when upgrading disabled agents? I can't seem to get disable agents to upgrade to 8.1.8 in our TestLab.

What happened to the link to Windows Agent 8.1.10?  Does App Control Agent 8.5 superseded 8.1.10?

@vcul Yes, Agent 8.5 does supersede the 8.1.10 agent. 8.5 is the latest GA version available currently. 

What's with the file metadata on WindowsHostPackageInstaller_8.5.0.103.193.exe? It looks like it has the metadata from 7Zip.

Receiving error code when trying to download Windows Agent 8.5.0.103:

"error making http request: Socket closed"

I get this error on multiple browsers on different PCs/laptops.

Article Information
Author:
Creation Date:
‎11-03-2020
Views:
27145