The 8.1.8 Server Release Notes provide information for users upgrading from previous versions as well as for users new to VMware Carbon Black Protection.

New Features and Product Enhancements (8.1.8)

Product security is our top priority for CB Protection. In this release, we have included several new enhancements to ensure that our product is prepared to keep you and your endpoints secure. These changes include:

Most Notable Changes:

  • Trusted Directories can now create rules assigned to specific policies.
  • Internal Yara rules and Script rules are now shipped with the Rules Installer. They are no longer shipping with the Server release.
  • Updated the Carbon Black EULA to be consistent with the VMware EULA.
  • The License Expiration Date now displays on the System Configuration page.
  • We added a new 'Rapid Config' column to the Events and Cached Events pages. It will show the name of the Rapid Config that caused the event.
  • We updated PHP to version 7.3.11

Many 3rd party libraries have been updated or removed.

See: Library Cleanup

Other Changes:

  • We improved the user experience by ensuring the left-side menu continues to display while the user scrolls down the page.
  • On the Installer Versions page, we improved the reporting of the Rules “Version Installed.”
    • Previously: “Unknown” was reported if rules were installed but a rules installer version was not available.
    • Now: the rules version displays even in the absence of the rules installer.

      For example: “From Server Version 8.1.0 P2”

      Note: In rare occasions, the rules version is truly unknown and the system displays “From Unknown Server Version.”
  • We updated various Microsoft components to the latest versions.
  • Script Rules may no longer be created via the UI or API if they have not been previously installed via a Rules Installer.
  • A link was added to the Rapid Config editor page that will take the user to the Events page and show events generated by the Rapid Config in the past 1 day.

Library Cleanup

Removed unused versions of the following libraries:

  • Boxer javascript library
  • jquery.simulate javascript library
  • Datatables Bootstrap library
  • Dojo javascript library
  • Unused version of the jQuery javascript library
  • Bootstrap.js library. (Note: Some bootstrap css is still in use.)
  • Knockoutjs library
  • Modernizr library

Updated the following libraries:

  • Updated jQuery UI javascript library to version 1.12.1.
  • Updated the simplesamlphp library to version 1.17.7.
  • Updated the Smarty PHP library to version 3.1.33.
  • Updated jQuery library to version 3.4.1.
  • Updated the AjaxControlToolkit library to version 19.1.
  • Updated third party JavaScript libraries HoverIntent to r7 and Superfish to 1.7.10.
  • Updated jQuery.scrollTo plugin to version 2.1.2.
  • Updated MochiKit library to version 1.4.2.

Changes to the Events Page

  • In the Events page, “Rapid Config” is a new column now available when specifying column settings on the page. If the event was caused by a Rapid Config, the name of that Rapid Config will be displayed. (Hidden Text: EP-10287)

Product Security Enhancements

  • Removed the "Make local copy of agent cache" option from the Computer Details page as it is no longer supported. (Hidden Text: EP-7628)
  • Modified the encryption used for remote database backup passwords to be more secure. (Hidden Text: EP-8863)

CB Protection Server Supported upgrade paths

Below is a table explaining the supported upgrade paths for CB Protection servers:

Upgrading from: Upgrading to:
v8.0.0 v8.1.8
v8.1.0 v8.1.8
v8.1.4 v8.1.8
v8.1.6 v8.1.8

Corrective Content (8.1.8)

This section lists defects fixed in CB Protection 8.1.8.258 Server.

Item # Description
EP-1331 Fixed an issue where clicking the Cancel button while editing on the Unified Management configuration page did not reset the page to the previous state.

Now, the Cancel button terminates the action and returns the user to the page in the previous state.

EP-6547 Fixed an issue that caused the Save button on the user role details page to exit the page.

Now, clicking Save keeps you on the user role details page after saving the changes.

EP-6565 Fixed an incorrect message when removing a file ban or approval by policy from the file details page.

Now, a message displays pertinent to the action.

EP-6573 Fixed an issue that caused certain groups in table pages to not be expanded if they were numbers like "0068".

Now, groups expand normally despite their numerical structure.

EP-6647

EP-6648

EP-6655

Fixed an issue on the baseline drift page where numerical filters displayed options common to text strings rather than numeric options.
  • Baseline Drift page: “percent complete” filter and "number of files" filters
  • Policy Details page: CL filter

Now, the numerical filters display relevant options, such as “equal to/greater than”.

EP-6661 Fixed an issue where “Source Names” were not being reported correctly in the case of Trusted Directories.

Now, “Source Names” are reported correctly for trusted directories.

Note: This fix is not retroactive; it will only fix the Source Names from this point, forward.

EP-7110 Fixed an issue that prevented index compression being enabled when installing against SQL Server 2016 Standard SP1 and later.

Now, you can enable index compression when installing against SQL Server 2016 Standard SP1 and later.

EP-7643 Fixed an issue that caused HTML to appear on the SAML configuration help popups.

Now, only the pertinent plain text displays on the popups.

EP-7912 Fixed issue where Reporter startup events displayed the incorrect version number.

Now, the correct software version number displays in Reporter startup events.

EP-8125 Fixed issue with displayed values and also improved filter usability on the Custom, Registry, and Memory rule pages.

Now, the improved filter reduces the likelihood of columns where no values display.

EP-8154 Fixed issue where a duplicate Help icon displayed on the Active Directory configuration page.

Now, the page displays with the single, correct Help icon.

EP-8369 Fixed issues with the alert links in the console header.

Now, alert links work as expected in the console header.

EP-8427 Fixed a potential query timeout issue while importing file rules.

Now, a SQL data type mismatch no longer prevents indexes from being used when looking up files by hash.

EP-8792 Fixed an issue on the Events page where “grouping by source,” or subgrouping, created links on group rows that did not work.

Now, links on the Events page work correctly regardless if they are grouped by source or part of a subgroup.

EP-8794 Fixed an issue where failed agent registrations were not causing events under some circumstances.

Now, failed agent registrations generate an event as expected.

EP-8842 Fixed an issue where advanced custom rule options "Process Publisher" and "File Publisher" were not exported when exporting custom rules.

Now, the advanced custom rule options "Process Publisher" and "File Publisher" export when you export custom rules.

EP-8888 Fixed a timeout issue on the Update Agent/Rule versions page.

Now, intermittent status checks prevent long timeouts.

EP-8890 Fixed issue where errors occurred with some certificates when the hash value was not valid.

Now, fewer errors occur when some certificates do not have valid hash values.

EP-8932 Fixed an issue where the expiration time of a policy override code was not clearly defined.

Now, the expiration time displays the time zone for clarification.

EP-9097 Fixed an issue with the Process File Instances scheduled tasks where avoidable database locking could occur.

Now, database locks are less likely with Process File Instances.

EP-9705 Fixed an issue where the following error message was logged even though the file successfully published:

(CLStorage: Failed to publish CL file for default "kye")

Now, the corrected error is logged only when the file actually fails to publish.

EP9804 Fixed issue where attempts to import rules when the browser had stored the CBP Console password caused the import to fail. Clearing the stored password allowed the import to be successful.

Now, password fields throughout the console should no longer auto-fill with passwords with the exception of the login page.

EP-9901 Fixed an issue where the server did not use SSL when connecting for AD authentication.

Now, CB Protection Server attempts to connect securely to Active Directory servers. If no secure connection is available, it will fall back to using insecure connections.

EP-10253 Fixed an API issue that allowed policy names to contain non-printable ASCII characters.

Now, policy names no longer contain non-printable ASCII characters.

EP-10298 Fixed issue in the expert registry rules where the text “Open Key” inferred it tracks Open/Reads of the registry where in fact it only tracks Open/Writes.

Now, the text in expert registry rules reads "Open Key with Write Access". This operation is not triggered by opening the key for reading.