Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: Endpoint panic/reboot when sensor upgrade to 7.1.0

EDR: Endpoint panic/reboot when sensor upgrade to 7.1.0

Environment

  • EDR (CB Response) Server: All Supported Versions
  • EDR Sensor: prior to 7.1.0
  • Linux: All Supported Versions
  • Third Party Antivirus

Symptoms

Endpoint reboots when sensor is upgraded to 7.1.0 sensor version.

Cause

There is an interoperability issue in EDR sensor with other security products.

Resolution

  • Fix is planned to be released in 7.1.1 sensor version under CB-39216 / PSCLNX-10255.
  • As a workaround, the safest way to upgrade the sensor to 7.1.0 is to stop other security products on the endpoint before the upgrade and restart them after upgrade is complete.
  • Example:
1. run command 'lsmod' check what all modules are on top of cbsensor
2. Stop Trend Micro service
3. run command 'lsmod' check the difference with output in step 1.
4. Once it is confirmed that other security modules have been unloaded.
5. Upgrade EDR sensor to 7.1.0

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎05-18-2022
Views:
85
Contributors