Release Notes: XCS Agents Hotfix Update - June 11, 2026

(This release has been pulled back because of some issue; we will make this available at the earliest)

Announcing an upcoming agent-related hotfix update.

This release will be deployed over 4 hours. No downtime is expected , but please reach out if you experience any issues following the update.

Release Schedule

Agent Updates (US, EU & IN Regions)

  • June 11, 2026 – 03:00 AM EST / 07:00 AM GMT / 12:30 PM IST

XCS Agent

What’s in This Release

Microsoft Office and other trusted applications no longer blocked by EDR

What you can see: EDR block events for trusted installers such as
Microsoft Office Click-to-Run (OfficeC2RClient.exe) and Microsoft Edge
Updater are resolved in XCSW 13.8.2
What you can do: Remove any manual EDR or EDR exclusions added as a workaround for Office Click-to-Run or SharePoint Client. Office installations, updates, and repairs should now be completed normally.
Why it matters: EDR was incorrectly blocking trusted installer processes, causing Office applications to launch in Safe Mode, updates to fail, and Excel/Word functionality to degrade affected endpoints.

Microsoft Office applications no longer crash due to Shellcode Injection detection

What you can see: Excel, Word, and other Office 365 applications that were crashing or becoming unstable on endpoints running XCSW
13.8.1 will now run normally after updating to XCSW 13.8.2.
What you can do: Remove any “Detect Shellcode Injections” exclusions (e.g., “All Applications”) added as a workaround to stabilize Office applications.
Why it matters: A bug in XCS caused legitimate Office processes to be incorrectly flagged as shellcode injection attempts, resulting in
application crashes. This is now resolved.

Security fix: CVE-2026-49494 (XCS firewall driver vulnerability) resolved

What you can see: XCSW 13.8.2 includes a security fix for a vulnerability in the XCS firewall driver.
What you can do: Update all endpoints to XCSW 13.8.2 to ensure this fix is applied.
Why it matters: A vulnerability in the firewall driver related to network packet header processing has been identified and fully remediated in this release.

APPENDIX

NEW AGENT VERSIONS

  • Xcitium Client Security (XCS Windows): 13.8.2

If you have any questions or feedback, don’t hesitate to reach out. We appreciate your continued support and look forward to delivering more improvements!

Best regards,
Xcitium Product Management Team

I noticed this release has been added again with the same version number, what’s new? Whether the previously installed same version will receive an update?