Elastic Endgame ESensor 3.59.2 Release Notes

Issue

The ESensor release notes for Elastic Endgame sensor 3.59.2 are still not available from the Endgame support pages

Environment

Elastic Endgame

Resolution

Per Endgame Support the New Sensor has the following features:

• Force Ransomware artifact to always use the latest available version.
• Allow macOS system binaries to bypass self protection.

Note on the Ransomware Artifacts:

There is a known issue in 3.23 with the 3.59.1 sensor which causes endpoints to check in with a failed policy reporting an issue with downloading old ransomware artifacts. This failed status is only cosmetic and was corrected with the 3.23.3 hotfix.

The sensor side modifications are to adjust the newly introduced roll-back feature so that the endpoint only requests what is required versus the current behavior resulting in policy errors.