The release notes for Symantec Endpoint Detection and Response (Symantec EDR) 4.6 are available here: https://techdocs.broadcom.com/content/dam/broadcom/techdocs/symantec-security-software/endpoint-security-and-management/endpoint-detection-and-response/generated-pdfs/sedr_release_notes_4.6.pdf
New issues discovered after the 4.6 release are listed below.
The Symantec EDR team investigated the log4j vulnerability described in CVE-2021-44228. Some components of the EDR on-premises appliance contain log4j versions that are known to be exposed to the vulnerability and may be impacted.
For EDR 4.6.0, 4.6.5, and 4.6.7, a hotfix is available to address the log4j vulnerability: atp-patch-generic-4.6-1. This hot fix also includes a security update for CVE-2021-45046.
For versions of EDR earlier than 4.6.0, Symantec strongly recommends that you upgrade to EDR 4.6.8 to ensure your environment is protected from CVE-2021-44228 and CVE-2021-45046.
-----------------------------------------------------------
Upgrade to Symantec EDR 4.6.7 to update nginx 1.20.1.
Error 500 returned from SEPM when Symantec EDR tries to add new items to the Exceptions policy after update to 14.3 RU2
-----------------------------------------------------------
Symantec EDR 4.6.5 supports Mac agent endpoint enrollment when you upgrade to SEP 14.3 RU2. After the upgrades to Symantec EDR 4.6.5 and SEP 14.3 RU2, Mac endpoints can forward the following event types to Symantec EDR:
Adding groups to SEPM Group Inclusions never completes
After upgrading the Appliance to version 4.5.0, it is not possible to include SEPM groups for EDR to manage. The groups are selected and the configuration is saved, but the groups are never included, and the screen remains processing. This is resolved in 4.6.5.
Multiple performance enhancements
Symantec EDR 4.6.5 has made several internal database changes to tune for environment with high client counts and VDI clients.
Please note:
No installation package is available for Symantec EDR versions 4.6.5 or 4.6.7. To install Symantec EDR versions 4.6.5 or 4.6.7 on a new EDR appliance, install Symantec EDR version 4.6 and upgrade to 4.6.5 or 4.6.7 using the supported upgrade methods for the Symantec EDR CLI and web user interface.