Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

PSC Windows Sensor version 3.4.0.1070 Release Notes

PSC Windows Sensor version 3.4.0.1070 Release Notes

PSC sensor version 3.4.0.1070 is for Windows only. Please note that only issues fixed since the maintenance release version 3.4.0.1061 are included in these release notes. Known issues are maintained, but should be the same as the earlier version.

Labels (1)
Attachments
Comments

Ah was hoping for a fix to DSEN-5995,EA-14707,EA-14723,EA-14729

In reference to 'DSEN-5163' .. in the scenario where you have 3.4.1052 installed, and performance issues are occurring,  will this .1070 address that? Guidance from support is to downgrade from .1052  to  .1016 (yet this known issue will state not to downgrade)

Good Day,

Please forgive my lack of knowledge, since PSC is a unified sensor I have to assume the the naming convention of the tracked issues refer to a specific product.  However, I'm unable to locate a key, could someone break down the difference between

DSEN-XXXX

EA-XXXX

UAV-XXXX

And possibly any others I may be missing.  If i'm way off base please correct me.

 

Thank You

A link to the update would be useful. 

I downloaded this update because we have a number of Windows 10 machines that go to a black screen at logout or shutdown.

I got a temporary code to install this sensor version, but I need a permanent one.

And, how do I update all the other clients with earlier versions loaded to this latest sensor?

@DFTROur company was having that issue a few months ago after the 1903 update or was the 1809 update. Anyways, you have to change your policies to fix the issue. I am unsure if a new sensor will fix the issue.

Here is the fix.

We applied changes for the exceptions to all policies.

*:\Windows\System32\logonui.exe, :\Windows\System32\dwm.exe,
*:\Windows\System32\fontdrvhost.exe

Hi there!

in the release notes there is a wording about "DSEN-4143" and below it there is a recommendation to make exclusions in full bypass for following paths:

1. **\windows\servicing\**
2. **\$windows.~b\**

Unfortunately, the path #2 is wrong, because the below specified filter returns nothing.

process_name:*\\$windows.*\\* AND -process_name:*\\$windows.\~bt\\*

NOTE: there is "~bt\", not "~b\"

@DFTR  There was a know bug in a recent security patch set for Windows 10, which caused a black screen on endpoints after the reboot.

https://support.microsoft.com/en-us/help/4524148/windows-10-update-kb4524148

October 3, 2019—KB4524148 (OS Build 17763.775)
Applies to: Windows 10 version 1809, Windows Server version 1809, Windows Server 2019 all versions

I deployed this to our Windows 10 1803 VDI desktop environment, and not a single user was able to logon. Something about this blocked our BLAST remote protocol (similar to PCOIP, RDP or HDX)

We've reverted to our prior 3.4.1047. Unfortunately, even that has its own set of issues. 

@antonpaloka - If you haven't already done so, could you please log a Support ticket, so we may investigate that further for you? Feel free to post the Support Case Number here for reference, if you have already logged it.

Kind regards,

David Sands

CB Technical Support 

@davy Sure thing, they closed it last night, hopefully inadvertently. But if you want to review it, case is below. I may not be able to revert to the 1070 based image until this Friday though.

00157943

Article Information
Author:
Creation Date:
‎09-26-2019
Views:
9834
Contributors