You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- The MDATP package rollout into production will be done gradually. From the time the release notes are published, it might take up to a week for the package to be pushed to all production machines.
61
+
62
+
- The vulnerability in curl, CVE-2024-7264, has been addressed.
- Enabled: When eBPF is enabled as working as expected.
97
117
- Disabled: When eBPF is disabled due to one of the following reasons:
98
118
- When MDE is using auditD as a supplementary sensor
99
-
- When eBPF is not present and we fallback to Netlink as supplementary event provider
100
-
- There is no supplementary sensor present.
119
+
- When eBPF isn't present and we fallback to Netlink as supplementary event provider
120
+
- There's no supplementary sensor present.
101
121
102
-
- Beginning with 2411, the MDATP package release to Production on `packages.microsoft.com` follows a gradual rollout mechanism which spans over a week. The other release rings, insiderFast and insiderSlow, are unaffected by this change.
122
+
- Beginning with 2411, the MDATP package release to Production on `packages.microsoft.com` follows a gradual rollout mechanism which spans over a week. The other release rings, insiderFast, and insiderSlow, are unaffected by this change.
103
123
104
124
- Stability and performance improvements.
105
125
@@ -211,7 +231,7 @@ There are multiple fixes and new changes in this release.
211
231
212
232
There are multiple fixes and new changes in this release.
213
233
214
-
- This release fixes a bug related to high memory usage eventually leading to high CPU due to eBPF memory leak in kernel space resulting in servers going into unusable states. This only impacted the kernel versions 3.10x and <= 4.16x, majorly on RHEL/CentOS distros. Update to the latest MDE version to avoid any impact.
234
+
- This release fixes a bug related to high memory usage eventually leading to high CPU due to eBPF memory leak in kernel space resulting in servers going into unusable states. This only affected the kernel versions 3.10x and <= 4.16x, majorly on RHEL/CentOS distros. Update to the latest MDE version to avoid any impact.
215
235
216
236
- We have now simplified the output of `mdatp health --detail features`
- While upgrading mdatp to version `101.94.13`, you might notice that health is false, with health_issues as "no active supplementary event provider". This can happen due to misconfigured/conflicting auditd rules on existing machines. To mitigate the issue, the auditd rules on the existing machines need to be fixed. The following steps can help you to identify such auditd rules (these commands need to be run as super user). Take a backup of following file: `/etc/audit/rules.d/audit.rules` as these steps are only to identify failures.
1063
+
- While upgrading mdatp to version `101.94.13`, you might notice that health is false, with health_issues as "no active supplementary event provider. This can happen due to misconfigured/conflicting auditd rules on existing machines. To mitigate the issue, the auditd rules on the existing machines need to be fixed. The following steps can help you to identify such auditd rules (these commands need to be run as super user). Take a backup of following file: `/etc/audit/rules.d/audit.rules` as these steps are only to identify failures.
1044
1064
1045
1065
```bash
1046
1066
echo -c >> /etc/audit/rules.d/audit.rules
@@ -1333,7 +1353,7 @@ As an alternative approach, follow the instructions to [uninstall](linux-resourc
1333
1353
1334
1354
##### What's new
1335
1355
1336
-
- Added a capability to detect vulnerable log4j jars in use by Java applications. The machine is periodically inspected for running Java processes with loaded log4j jars. The information is reported to the Microsoft Defender for Endpoint backend and is exposed in the Vulnerability Management area of the portal.
1356
+
- Added a capability to detect vulnerable Log4j jars in use by Java applications. The machine is periodically inspected for running Java processes with loaded Log4j jars. The information is reported to the Microsoft Defender for Endpoint backend and is exposed in the Vulnerability Management area of the portal.
@@ -1343,7 +1363,7 @@ As an alternative approach, follow the instructions to [uninstall](linux-resourc
1343
1363
1344
1364
##### What's new
1345
1365
1346
-
- Added a new switch to the command-line tool to control whether archives are scanned during on-demand scans. This can be configured through mdatp config scan-archives--value [enabled/disabled]. By default, this setting is set to enabled.
1366
+
- Added a new switch to the command-line tool to control whether archives are scanned during on-demand scans. This can be configured through mdatp config scan-archives--value [enabled/disabled]. By default, this setting is set to enabled.
0 commit comments