Documentation & Downloads

 View Only

Cb Protection: Windows 10 Creators Update (Redstone 2) Support

By Tim Smith posted Mar 14, 2017 01:29 PM

  

Updated: 2017-05-15

Cb Protection 8.0 Patch 4 was released today. This version supports Windows 10 Creators Update. For users on 8.0 you can download the patch utility from here. If you are on an earlier version of Cb Protection you can download the full installer from here.

During pre-release testing of Windows 10 Creators Update (Redstone 2) we found some product changes in the Operating System that impact Cb Protection. When Microsoft officially releases Redstone 2 we recommend that customers do not upgrade to it until we announce official support for it .

Details

During our testing of the preview edition of Redstone 2 we found some compatibility issues and are making appropriate changes to the Cb Protection agent. These issues are:

  • Tamper Protection Bypassed: Cb Protection tamper protection cannot prevent the service from being deleted
  • Data Structure Change: Redstone 2 has changed a data structure which could potentially cause a deadlock between the Cb Protection agent and other security products. Additionally, the agent may make an incorrect approval because it cannot detect the correct parent process
  • New APIs Exist: Redstone 2 has introduced several new APIs that can be used to delete or rename a file. These new APIs can prevent the agent from tracking renames and deletions and more importantly can enable a user to bypass a tamper rule or file integrity control rule

Versions Affected

All Cb Protection versions that support Windows 10 - 7.2.3+

Course of Action

We recommend that customers do not upgrade to Redstone 2 until we release an updated that officially supports it.

As soon as Redstone 2 is generally available we will re-test and make any further agent changes required and release an updated agent  Please continue to follow this post for additional updates.

Our SLA for support of updated OS can be found here.

21 comments
0 views

Permalink