VMware Carbon Black App Control 8.9.2 | 30 NOV 2022 | Build 8.9.2.46

Check for additions and updates to these release notes.

What's New

The 8.9.2 Server Release Notes provide information for users upgrading from previous versions as well as for users new to VMware Carbon Black App Control. This is a maintenance release.

Notable changes in this release include:

  • The filename, pathname, and antibody unused ID finder scheduled tasks have been improved to find unused IDs more quickly.

  • Added autofill support for Computer Name "is" filters on the Approval Requests, Computers, and Application console pages.

  • Administrators can no longer remove the trust of the certificate the server is currently using for agent communication.

  • Active directory groups with slashes in their names can now be searched for.

  • Improved database performance on exact match queries.

  • Added support for additional SAML identity providers.

Library Changes

The following libraries were updated:

  • Updated PHP to version 8.1.12

  • Updated curl to version 7.86.0

  • Updated zlib to version 1.2.13

  • Updated OpenSSL to version 3.0.7

Supported Upgrade Paths

Important:

For customers using SQL 2019, installation of the latest Cumulative Update is required before installing version Carbon Black App Control Server 8.9.2. Please see the Server OER for more details.

The table below shows the supported upgrade paths for Carbon Black App Control 8.9.2 servers:

Upgrading from:

Upgrading to:

8.8.4

8.9.2

8.8.2

8.9.2

8.8.0

8.9.2

8.7.x

8.9.2

8.6.x

8.9.2

8.5.x

8.9.2

8.1.10

8.9.2

8.1.8

8.9.2

8.1.6

8.9.2

8.1.4

8.9.2

8.1.0 Patch 2

8.9.2

8.1.0

8.9.2

8.0.0

8.9.2

Resolved Issues

The following defects were fixed in the Carbon Black App Control 8.9.2 Server.

  • EP-17001: Fixed an issue displaying group box borders while viewing rapid configs.

  • EP-17020: Fixed an error on the Files On Computers tab of the External Notification Details page.

  • EP-16964: Fixed an issue accessing the online help from the Application Catalog page.

  • EP-16853: Fixed an edge case where the server would use the wrong certificate for agent communication.

  • EP-16515: The filename, pathname, and antibody unused ID finder scheduled tasks have been improved to find unused IDs more quickly

  • EP-16873: Fixed an issue updating the CPE dictionary caused by a breaking NIST API change in behavior.

  • EP-10412: Fixed an issue where certain SAML identity providers are not recognized. (EA-15760)

    Added support for additional SAML identity providers.

  • EP-5555: Fixed an issue where the server installer would not report an event on upgrades. (EA-21148)

  • EP-14065: Fixed an issue where exact match queries can impact database performance. (EA-19514, EA-21402)

    Improved database performance on exact match queries.

  • EP-14793: Added autofill support for Computer Name "is" filters on the Approval Requests, Computers, and Applications pages. (EA-20333)

  • EP-5818: Fixed an issue where Active Directory groups with slashes in their name are unable to be mapped.

    Active Directory groups with slashes in their names can now be searched for.

  • EP-16975: Fixed an issue where an AJAX error occurs when saving a Trusted Directory.

    The "Save" button will now work when saving a new Trusted Directory.

  • EP-16953: Fixed issues logging in with Active Directory accounts by adjusting rules controlling the format of the adrules.xml file. (EA-22144)

Known Issues

The following known issues and limitations are present in the Carbon Black App Control 8.9.2 Server.

  • EP-14702: Due to an InstallShield issue, if a reboot is required during install, the installer may not automatically continue after reboot

    If this occurs, you must manually restart the install.

  • EP-1222: If the CryptoAPI cannot initialize, the license will not be imported

    This is typically due to the environment not being set up according to the installation instructions.

  • EP-4085: When uninstalling the App Control server a message may appear saying that the system is protected by the App Control agent even though the agent has already been uninstalled

  • EP-2752: If you modify the permissions of, or disable, the "admin" user that ships with the product, the API module may no longer function correctly, causing problems when using the REST API and the console

    Make sure that the "admin" user retains its "View users" and "Manage users" permissions, and that it is not disabled.

  • EP-2879: Baseline Drift Reports only report on Windows computers

    Baseline Drift Reports do not report on Mac or Linux computers.

  • EP-3157: Exports to CSV of tabular data from console pages do not render date and time fields consistently with respect to time zone

    Some columns are reported as UTC; others use the local time zone.

  • EP-3349: Right after a new version of App Control is installed, the version health indicator will incorrectly report that the previous version is the newest version

    Refreshing the health indicator will cause it to disappear and will remove the incorrect report.

  • EP-3352: An event with the subtype "File deletion failed" is erroneously generated when a file that no longer exists is selected for deletion

    When a file that no longer exists is selected for deletion, the App Control Server should generate an error with subtype "File deletion processed (file not found)". Instead, an event with the subtype "File deletion failed" is erroneously generated.

  • EP-4093: When editing the User Roles Page, clicking the Save button has the same functionality as the Save and Exit Button

  • EP-4094: Users without the "View Policies" permission will not be able to make use of Role-Based Access Controls based on policies

  • EP-4578: If a user turns on the config property ShowHiddenCustomRules and creates a Custom Rule with a hidden action (that is, an action ending with "(Hidden)") that rule will display as an expert rule after being saved

    Rules of this type requiring an Operation value of "Execute and Write" should be created as two separate rules to avoid losing data.

  • EP-5504: Systems created using Sysprep may not boot if Tamper Protection was enabled when Sysprep was performed

  • EP-5703: Canceling a diagnostic request while it is underway does not always work

    From the App Control console one can request a diagnostic upload from an endpoint. Canceling such a request while it is underway does not always work. Sometimes cancellation can merely cause the endpoint to retry the upload.

  • EP-6510: Some customers have reported seeing false positives with the Doppleganger rule being triggered by TIWorker.exe and TrustedInstaller.exe

  • EP-6515: In a specific scenario it's possible for newly installed agents to register with the server from a deleted policy

  • EP-6719: File analysis through connectors will not work with files containing certain foreign characters in the name

  • EP-6721: If a SAML identity provider requires a signed logout request, the logout request will fail

  • EP-6796: In some cases it's not possible to export a large amount (300+) of custom rules

  • EP-7891: When adding a user to the "Linux User/Group to Manage Agents" section of the Agent Management configuration the message “(Not validated)” is erroneously returned

    The new user should still be added.

  • EP-13195: Rapidly changing a computer's policy more than once can sometimes cause the last policy change to not apply

  • EP-16158: Incorrect list of files when creating a snapshot

    Sometimes when filtering files and creating a snapshot from the result set, files not part of the result set are included in the snapshot.

check-circle-line exclamation-circle-line close-line
Scroll to top icon