Hotfix Release Notes of Xcitium Enterprise & Platform (November 14, 2024)

Hello Xcitium Team,

We want to let you know that the Xcitium Enterprise & Platform Hotfix Release is scheduled for November 14, 2024.

This release will take about 4 hours, with no expected service interruptions. Our team will be actively monitoring the system throughout the process, so if you experience any issues afterward, please contact us.

Release Schedule:
US & EU Regions: Thursday, November 14, 2024, at [date=2024-11-14 time=10:00:00 timezone=“Europe/Istanbul”]

What’s Included:
This update brings several bug fixes, an improvement item, and a resolution for the certificate issue affecting the XCS 13.0 agent.

Details of this release:


Xcitium Enterprise & Platform

Improvements

  • Updated default file group variable definitions to enhance configuration consistency.
  • Added a validation step for custom scripts, requiring approval by Threat Labs after local approval to enhance security and compliance.

Bug-Fixes

  • Fixed an issue preventing the addition, deletion, or disabling of emails in the notification section in the US region.
  • Resolved a login issue in Xcitium Enterprise that prevented some users from accessing the platform.
  • Corrected a mismatch between the security questions selected during sign-up.

Appendix

New Portal Versions

  • Xcitium Platform: 9.3.7
  • Xciitum Enterprise: 4.38.1

We’ll be on hand to address any questions or feedback, so please don’t hesitate to reach out. Thank you for your ongoing support.

Best,
Xcitium Product Management Team

Hi @Umut , Please could you elaborate on this change.

1 Like

Hi @nct ,

Updates were made to the pipe settings in Windows Management under the File Groups variable to ensure consistent configuration.

Best Regards.

hello guys.

sorry the delay. my profile was not working anymore. tried everything and it seems the old one just was removed so i created a new one.

i saw that it was said that the poc problem would be fullt adressed in this new release but i dont see it on the release notes.

can you guys confirm its solved in this one? i would like to test it and make a new video showing it is solved as soon as possible.

Hi @Umut , as an Itarian user, do I need to make any configuration changes?

Hi @Umut

Are there more details? Is this change about the policy file or the program itself?

Thanks

@vitaotek Looking forward to your test.

@Umut , We are now seeing that the procedures are waiting on threat labs scan. Its taking time and unless that is completed we are not able to run the procedure. Another issue is that its no longer showing Approve/Reject option, so the script stays as “Ready For Review” status even after the threat lab scan is completed. May I know how can we turn of this feature? We do not want our procedure code to be submitted for threat scans as that may contain information like credentials. So that should be an option to configure.

hello my friend. i tried it but no lucky. i coudnt find a way of upgrading the xcitium client to the new version.

if somebody could help i could do the new test with the updated security client.

Hi Vitaotek,

We have tested the POC with the new version and the 14th update, and it appears that Xcitium has resolved the issue.

1 Like

@vitaotek & @Jomcy, I can see our profiles have been updated to include a new HIPS protected object for Windows Management.

1 Like

It appears that the profile was not updated on 14th November and has been there since the beginning. Alternatively, it may have been updated, but the updated date is not being reflected. Could you please clarify?

@nct The “Windows Management” object is not a newly added one, it has been there at the very first.

1 Like

thats nice to hear. how can i get the updated installer for xcitium client?

1 Like

@Redstraw, Was \Device\NamedPipe\ntsvcs listed under Windows Management?

1 Like

@Vitaotek, you can update it from the Xcitium console. Navigate to Endpoint Manager Settings and enable the option to Change Version While Updating.

Then update the client with specified version
Screenshot 2024-11-21 at 12.55.57 PM

1 Like

Yes, along with two other entries.

\Device\NamedPipe\atsvc
\Device\NamedPipe\ntsvcs
\Device\NamedPipe\svcctl

2 Likes

@nct It might have been added to HIPS, but the profile isn’t showing as updated, which could potentially be a bug.
@Umut could you confirm if this change was introduced recently?

Anyway, the vulnerability has been fixed, and that’s great news! Thanks, Team Xcitium!

3 Likes

Now when will this correction be made for the CIS?