McAfee Active Response 2.4.4 Release Notes

This release notes of McAfee® Active Response 2.4.4 includes new features or enhancements.

Every update release is cumulative and includes all features and fixes from the previous release. We recommend that you always upgrade to the most current update.

Release details

Component Version
McAfee Active Response Extension/Packages 2.4.4.404
McAfee Active Response Aggregator 2.4.4.404
Active Response Server 2.4.4.404
Active Response Client 2.4.4.404
Active Response Workspace 2.4.4.106

Updated platform, environment, or operating system support

Active Response 2.4.4 is compatible with RHEL 7.8 and 8.0.

Active Response 2.4.4 supports McAfee® ePolicy Orchestrator® (McAfee® ePO™) 5.10.0 Update 9.

For the complete list of components, supported platforms, environments, and operating systems for Active Response, see KB84473.

Resolved issues

This release resolves known issues.

Reference Resolution
PERINOLA-16037 Active Response search results for current files no longer include deleted files.
PERINOLA-16041 Issue with CVE-2020-1938 vulnerability is now fixed by upgrading Apache Tomcat to 7.0.100.
PERINOLA-16047 Executing searches with UserProfiles, InteractiveSessions, and LocalGroups collectors no longer cause high CPU usage.
PERINOLA-16095 Upgraded Nginx server no longer contains security vulnerabilities.
PERINOLA-16101 Name and value filters are displayed correctly in two columns when executing a search with EnvironmentVariables collector.
PERINOLA-16102 Services collector works correctly on Linux when a search is executed.
PERINOLA-16103 Issue with collectors in Active Response in Japanese is fixed.
PERINOLA-16104 RemoveFile reaction successfully deletes files at / folder.
PERINOLA-16112 Issue with DisksAndPartitions, DNSCache, ScheduledTasks, and CurrentFlow collectors on Linux is fixed.
PERINOLA-16117 Active Response checks minimum supported macOS versions before installation.
PERINOLA-16124 Active Response installer for RHEL systems no longer uses /tmp folder in the installation process.
PERINOLA-16125 Active Response Threat Workspace displays affected hosts successfully.
PERINOLA-16130 Active Response successfully connects with McAfee® Advanced Threat Defense 4.10.
PERINOLA-16132 Issue with WinRegistry collector on Windows 7 is fixed.
PERINOLA-16154 Issue with NetworkFlow collector is fixed.
PERINOLA-16171 Issues with McAfee Endpoint Security dependencies are fixed on macOS by upgrading to FMP 10.7.
PERINOLA-16174 Active Response no longer causes Citrix DLL to crash after installation.
PERINOLA-16182 Issue with VTP service is fixed.
PERINOLA-16189 Issue with Active Response content packages when updating to a later Active Response client version is fixed.
PERINOLA-16190 Active Response Search page no longer displays multiple instances of the same process when a search is executed with Process collector.
PERINOLA-16191 Issue with length of custom notification message when quarantining a host is fixed.
PERINOLA-16193 All columns in the Threat Event Log page are legible.
PERINOLA-16194 In the Threat Event Log page, Active Response shows the correct Event Category for successful update events.
PERINOLA-16195 Issue with Software collector is fixed and installdate column shows information correctly.

Installation information

For information about installing or upgrading Active Response, see the McAfee Active Response Installation Guide.

Known issues

For a list of known issues in this product release, see KB88196.