Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Redstone 4 (Spring Creator) support

Redstone 4 (Spring Creator) support

In anticipation of the April 2018 Update (aka Redstone4). Carbon Black has been testing our products on the beta versions and we have not identified any issues.  Here is our stance on the April 2018 Update assuming nothing has changed.

Cb Protection

Our 8.0.0 Patch 6 agent has successfully run on RS4 betas and anticipate we will have similar results with the GA release. We want to make you aware of two caveats:

  1. Protection does not have visibility into OneDrive On Demand files that have been altered within the cloud. For example, if the OneDrive file was on one endpoint and then altered by another, we would not be able to track this change to the file. We will have a solution for this in our upcoming Patch 7 release.
  2. Protection does not have support for the Windows 10 Linux Subsystem feature. We recommend preventing users from enabling this feature in order to minimize the possibility of an attack from this vector.

Cb Response

Our 5.3.x, 6.0.x, and 6.1.x sensors have successfully run on RS4 betas and anticipate we will have similar results with the GA release. We want to make you aware of one caveat:

  1. Response does not have visibility into processes in the Windows 10 Linux Subsystem feature. We recommend preventing users from enabling this feature in order to minimize the possibility of an attack from this vector.

Cb Defense

All of our current sensors in standard support (3.1.x, 3.0.x, and 2.1.x)  have successfully run on RS4 betas and anticipate we will have similar results with the GA release.  We want to make you aware of one caveat:

  1. Defense does not have visibility into processes in the Windows 10 Linux Subsystem feature. We recommend preventing users from enabling this feature in order to minimize the possibility of an attack from this vector.
Labels (3)
Comments

Any update on your confirmation that the existing versions of CbP/CbR/CbD are working fine with RS4 builds without any issues, please? Thank you,

I would note that Windows Subsystem for Linux is becoming more and more standard of a feature, especially with greater adoption and use-cases.

At what point will you be able to support it? Working for a University, I cannot reasonably tell someone that they can't have a type of software simply because our White-listing software doesn't cover it. They will shrug their shoulders and inform me that that is not their problem, and they have a business need.

Article Information
Author:
Creation Date:
‎04-30-2018
Views:
2397
Contributors