This site will be decommissioned on December 31st 2024. After that date content will be available at techdocs.broadcom.com.

VMware Carbon Black App Control Server 8.8.0 | 08 DEC 2021 | Build 8.8.0.262

Check for additions and updates to these release notes.

What's New

The 8.8.0 Server Release Notes provide information for users upgrading from previous versions as well as for users new to VMware Carbon Black App Control.

Product security is our top priority for Carbon Black App Control. In this release, we have included several new enhancements to ensure that our product is prepared to keep you and your endpoints secure.

Added Support for Common Platform Enumeration (CPE)

App Control 8.8 supports Common Platform Enumeration (CPE).

You can now use App Control to find CPE information about applications in your environment, This standardized information can be exported out of the console via CSV or API to third party applications such as Splunk to help make decisions regarding your assets. The table lists all applications and you can use the grouping and filtering options to affect what information is displayed. For example, in the image below, only the matched items display.

You can access the CPE features from the top menu, select Assets>Applications, and then select the CPE Applications tab.

For detailed information regarding how to use the CPE features, go to the online help and navigate to:

File, Publisher, and Application Information > Application Information > CPE Applications

New CPE Application tab on the Applications page.

General Changes

  • Added support for Windows Server 2022.
  • Removed the "Auto Detection" column from Rapid Configs as it was unused.
  • Optimized performance of the internal catalog population and normalization
  • The Checkpoint connector is no longer supported.

Security Improvements

  • A password for the admin account is now required during installation.

    When upgrading, if the admin account is using the default password, the installer requires a new password.

  • The Console default Minimum Password length is 12 characters.
  • The Console Maximum password length can be up to and equal to 64 characters
  • Improved password security by requiring a command-line admin reset to provide a validated password

Changes to the Events Page

The follow new events were added with 8.8.0:

CPE Management Events and Subtypes
Subtype ID No. Severity Example Descriptions/Comments
CPE Sync started 4400 Info CPE Sync started.
CPE Sync finished 4402 Info CPE Sync finished.
CPE Application Modified 4404 Info $param1$
CPE Application Catalog generation failed 4409 Error CPE Application Catalog generation failed. Error: '$param1$'.
CPE Application pruning failed 4411 Error CPE Application pruning failed. Error: '$param1$'.
CPE Application matching failed 4413 Error CPE Application matching failed. Error: '$param1$'.

Library Changes

The following libraries were updated:

  • Updated gSOAP to 2.8.117
  • Updated jQuery cron plugin to 0.1.4.1
  • Updated PEAR PHP to 1.10.12
    • Updated PEAR PHP packages Auth, Config, Date, DB, Pager, and DB_DataObject to the latest stable versions.
    • Removed PEAR PHP packages HTTP_Request, Net_Socket, and Net_URL.
  • Updated PHP to 7.4.24
    • The installer will now attempt to install C++ Redistributable x64 for Visual Studio 2019. To avoid a reboot, uninstall 2015 and 2017 versions of the redistributable before installing.

Browser Support Changes

There are two browser support changes with version 8.8.0:

  • Microsoft Internet Explorer is no longer supported.
  • Microsoft Edge is supported.

Supported Upgrade Paths

The table below shows the supported upgrade paths for Carbon Black App Control 8.8.0 servers:

Upgrading from: Upgrading to:
8.7.2 8.8.0
8.7.0 8.8.0
8.6.4 8.8.0
8.6.2 8.8.0
8.6.0 8.8.0
8.5.12 8.8.0
8.5.8 8.8.0
8.5.4 8.8.0
8.5.2 8.8.0
8.5.0 8.8.0
8.1.10 8.8.0
8.1.8 8.8.0
8.1.6 8.8.0
8.1.4 8.8.0
8.1.0 Patch 2 8.8.0
8.1.0 8.8.0
8.0.0 8.8.0

Resolved Issues

The following defects were fixed in the Carbon Black App Control 8.8.0 Server.

  • EP-6506: Fixed an issue where the last modified user was not correctly updated when modifying event rules from the actions dropdown

  • EP-6548: Fixed an issue where the unsaved changes warning on tables showed up when it should not have.

  • EP-6551: Corrected spelling error in the "Requester email" filter

  • EP-6568: Fixed a minor UI display issue on meter reports

  • EP-6616: Fixed an issue where event rules exported to CSV contained output line breaks after 1024 characters

    The line endings of CSV files are now CRLF instead of LF.

  • EP-6649: Fixed an issue where the Drift Type of "All" was not a filter option

    Added a filter option for "All" on drift reports for the column "drift type".

  • EP-8317: Fixed a bug where API authentication was failing under certain conditions using SAML

  • EP-9475: Fixed an issue where saved views did not display alphabetically

  • EP-9627: Fixed a database performance issue by improving the locking prevention while taking database performance snapshots

  • EP-13039: Fixed an issue where the the installer column on the file catalog page did not show "Yes" when a file was manually marked as installer

  • EP-13176: Fixed an issue where a space in the 'Department' value caused certificate generation to fail

    All relevant fields while editing the server certificate fields in System Configuration now allow spaces

  • EP-13177: Fixed an issue where the field, "ValidFor" displayed incorrectly when editing server certificate in System Configuration

  • EP-13294: Fixed an issue where the filters under the configuration for old computer cleanup were not displayed after being saved

  • EP-13299: Fixed an issue so that "Reset current settings" on the user settings page now resets the settings for "Wrap Long Text In Tables" and "Click To Dismiss Feedback Banners"

  • EP-13590: Fixed an issue the installation failed during the Application Pool setup if the user name contained a space

  • EP-13886: Fixed a UI display issue on the configuration page for PAN connectors

  • EP-13962: Fixed an issue where acknowledging a device incorrectly displayed an error

  • EP-13968: Fixed an issue in the Add Software Meter screen where long file names displayed overlapped

    Text will now be truncated by an ellipsis and the full text can be viewed by hovering over the option.

  • EP-14344: Fixed an issue detecting SQL Server 2017 and 2019 in the installer that caused the 'local system account' option to not be available

  • EP-14505: Fixed a typo in the event description when a user is logged out due to inactivity

  • EP-13419: Improved UI session timeout functionality

  • EP-14765: Fixed an issue where importing a new server certificate did not add to the trusted communication certificate list

Known Issues

The following known issues and limitations are present in the Carbon Black App Control 8.8.0 Server.

  • EP-4094: Users without the "View Policies" permission will not be able to make use of Role-Based Access Controls based on policies

  • EP-13195: Rapidly changing a computer's policy more than once can sometimes cause the last policy change to not apply

  • EP-8908: Licensing page fails to display expiration warning when less than one day remains

  • EP-7891: When adding a user to the "Linux User/Group to Manage Agents" section of the Agent Management configuration the message “(Not validated)” is erroneously returned

    The new user should still be added.

  • EP-6796: In some cases it's not possible to export a large amount (300+) of custom rules

  • EP-6721: If a SAML identity provider requires a signed logout request, the logout request will fail

  • EP-4093: When editing the User Roles Page, clicking the Save button has the same functionality as the Save and Exit Button

  • EP-4085: When uninstalling the App Control server a message may appear saying that the system is protected by the App Control agent even though the agent has already been uninstalled

  • EP-3397: When choosing View CB Reputation Data on the Action menu of a App Control file table, a failure message always appears after viewing the data

    The message is "View CB Reputation Data failed for 1 item(s)." No actual failure has occurred, however.

  • EP-3352: An event with the subtype "File deletion failed" is erroneously generated when a file that no longer exists is selected for deletion

    When a file that no longer exists is selected for deletion, the App Control Server should generate an error with subtype "File deletion processed (file not found)". Instead, an event with the subtype "File deletion failed" is erroneously generated.

  • EP-3349: Right after a new version of App Control is installed, the version health indicator will incorrectly report that the previous version is the newest version

    Refreshing the health indicator will cause it to disappear and will remove the incorrect report.

  • EP-3157: Exports to CSV of tabular data from console pages do not render date and time fields consistently with respect to time zone

    Some columns are reported as UTC; others use the local time zone.

  • EP-2879: Baseline Drift Reports only report on Windows computers

    Baseline Drift Reports do not report on Mac or Linux computers.

  • EP-2752: If you modify the permissions of, or disable, the "admin" user that ships with the product, the API module may no longer function correctly, causing problems when using the REST API and the console

    Make sure that the "admin" user retains its "View users" and "Manage users" permissions, and that it is not disabled.

  • EP-1222: If the CryptoAPI cannot initialize, the license will not be imported

    This is typically due to the environment not being set up according to the installation instructions.

  • EP-4151: On the Find Files page, after creating a saved view the message "(The Current View Has Unsaved Changes - Discard)" is still displayed after clicking on the Add button

  • EP-4152: Grouping does not always work on the Application Catalog or the Applications on Computers page

    If you elect to show the Version Number column and group by it, the groups that appear on the page will not expand.

  • EP-4578: If a user turns on the config property ShowHiddenCustomRules and creates a Custom Rule with a hidden action (that is, an action ending with "(Hidden)") that rule will display as an expert rule after being saved

    Rules of this type requiring an Operation value of "Execute and Write" should be created as two separate rules to avoid losing data.

  • EP-4660: A console user account based on Active Directory may be unable to log into Unified Server even when prompted to authenticate

  • EP-4670: The App Control console can become unresponsive if the query to Active Directory to check user’s permissions times out

  • EP-5504: Systems created using Sysprep may not boot if Tamper Protection was enabled when Sysprep was performed

  • EP-5555: After upgrading the App Control server to the current release, an event of type “Server Management” and subtype "Server upgrade succeeded" that should appear on the Events page does not appear there

  • EP-5700: On the Software Rules page, the column showing affected policies can show a blank policy name. This will appear as two commas with a space between them

    This occurs when a rule once applied to a policy that has been subsequently deleted.

  • EP-5703: Canceling a diagnostic request while it is underway does not always work

    From the App Control console one can request a diagnostic upload from an endpoint. Canceling such a request while it is underway does not always work. Sometimes cancellation can merely cause the endpoint to retry the upload.

  • EP-6510: Some customers have reported seeing false positives with the Doppleganger rule being triggered by TIWorker.exe and TrustedInstaller.exe

  • EP-6515: In a specific scenario it's possible for newly installed agents to register with the server from a deleted policy

  • EP-6719: File analysis through connectors will not work with files containing certain foreign characters in the name

  • EP-4175: In some cases when the server is set to high-level logging, it does not actually log everything that should be logged in this mode

check-circle-line exclamation-circle-line close-line
Scroll to top icon