Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Cortex XDR Agent Incompatibility with Upcoming Windows 11 24H2 and Windows Server 2025 Releases

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Cortex XDR Agent Incompatibility with Upcoming Windows 11 24H2 and Windows Server 2025 Releases

L3 Networker

Hi,

 

Does anyone have more information about the " Cortex XDR Agent Incompatibility with Upcoming Windows 11 24H2 and Windows Server 2025 Releases"???

I received an email today alerting me about this issue, and I’m wondering: does anyone know the real risks if devices are upgraded?

 



Best regards
Tiago Marques
9 REPLIES 9

L0 Member

Agreed.

When you get an email that says, "Hey man, yeah... You know that thing you guys pay us a lot for? Yeah... It might start freezing up your systems, but don't fret because we're working on a thing and updates are, you know... coming in like... you know... upcoming days... and stuff." It is worrisome to say the least!

What does the timeline look like? What does "Coming days" equate to? Are we supposed to mod the GP to block the MS update? Are we forced to remove Cortex for another product? Considering the havoc this could wreak on my fleet, I found the email to be tone deaf; aloof at best.

 

How about an actual game plan that doesn't freak Solo IT hounds right the off out!

 

Thanks!

The feedback i received:

"We are not supporting the preview version (aka beta release of Windows 11 24H2 and Server 2025). Both CU and agent releases will be released in the upcoming days while GA for Windows 11 is scheduled early October(the 8th) and Server 2025 will be GA later this year... and there will be a communication to follow on when these XDR agent releases will be released.

We still have plans to support OS on day 0 of GA."

Best regards
Tiago Marques

L0 Member

I want to know if Cortex XDR v8.5.0.624 is affected. 

The advisory says versions above v8.5.0.3639 are not affected. Can't find any info on this build.
1) If the top version is NOT affected, then why was a new build (older version number) just released?

2) Can I leave v8.5.0.624 installed until v8.6 is released? 

3) Is v8.5.0.3639 currently preferred for new installations (over v8.5.0.624)? 

 

The email advisory I got today is still very vague ("upcoming days"), however I got a notification within my tenant that the upgrade will take place October 6th. I assume your tenants will be upgraded around the same time. 

24H2 started going out today. Already had 2 machines update to it. Would love to get an update from Palo.

Edit looks like 8.5.0.3639 is compatible and shows available in our portal. Really dumb naming though when 8.5.0.624 already exists. A number like that just confuses things. They also mention versions not available yet in their warning banner.

L3 Networker

official notification:

"We are happy to inform you that we are releasing a new Cortex XDR Agent version 8.3CE (Critical Environement) that supports Windows 11 24H2 and Windows Server 2025.

The new compatible Cortex XDR Agent version 8.3.100.53457 will be released today, October 7, 2024.

Once released, the new XDR Agent version will become available in your Cortex tenants.

Make sure to use only supported agent versions (8.3.100.53457 released today as well as 8.6.0.3704, 8.5.0.3639, and 8.4.1.53455 that were released last week) before upgrading to the new Windows releases to avoid a possible system freeze"

Best regards
Tiago Marques

We are seriously struggling with your numbering. Why are you releasing what appears to be a very old version 8.3.100.53457 today when a higher version 8.6.0.3704 was released a week ago. Which BTW this version did not show up for us until today. Traditionally higher versions are the first 2 octets but you guys appear to be making up your own rules here and it's confusing for everyone.

Hi @craigmohr, you are confusing the regular agent versions with the CE, which are designed for Critical Environments with extended support. More information here in the doc. You can find here how to enable the CE agent versions in your tenant.

 

The "8.6" agent version is released as part of the XDR 3.12 update. It only appears when your tenant is updated, you or your account owner should have received an email with the exact date of this update. The versions updates are done in three batches, to avoid any unexpected wide issue that this can cause.

 

 

JM

So we are safe/good to go on the 8.6 version and don't need to install 8.3? Problem for us was that 24H2 started dropping and getting installed before we got 8.6 available to us.

Yes, have the  8.6.0.3704 version installed, and then update the operating systems. Before the 8.6 was also released the 8.5.0.3639 version that is also able to work with 24H2.

JM
  • 3484 Views
  • 9 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!