The Carbon Black team is pleased to announce the general availability of the 8.9.4 App Control Server.

The VMware Carbon Black App Control Server has been identified to contain a critical security vulnerability. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2023-20858 to this issue. We strongly recommend that you upgrade as soon as possible.

For more information, see the VMware Security Advisory: VMSA-2023-0004. For questions and assistance with installation, please contact Customer Support.

The 8.9.4 Server resolves the vulnerability identified in CVE-2023-20858. We strongly recommend that you upgrade to the 8.9.4 Server as soon as possible.

This release includes new functionality and addresses several defects. New functionality includes:
  • Server Support for Mac Trusted Publisher

    The 8.9.4 App Control Server can now receive publisher certificate information from the latest 8.8.0 macOS Agent. For more information, see Approving or Banning by Publisher in the 8.9.4 User Guide.

  • New Action on the Computers Page

    Cache consistency checks can now be run on multiple computers at once. Also, you can use the new cache consistency menu option, Re-evaluate publishers, for example, to retrieve publisher certificate information from files on previous macOS Agents that did not support Trusted Publishers. For more information, see Performing a Cache Consistency Check in the 8.9.4 User Guide.

  • Other Updates

    This includes a new available agent config property in the Server and improved performance on the Computers page.

For more details about this release, see the 8.9.4 Release Notes.

VMware encourages customers to always update to the latest versions of VMware software to benefit from security and stability improvements.

Download Link for App Control Server 8.9.4

Below is the download link to the latest version of the App Control Server (8.9.4ParityServerSetup.exe).

Important: For customers using SQL 2019, installation of the latest Cumulative Update is required before installing version Carbon Black App Control Server 8.9.x. Please see the Server OER for more details.