Linux security agents outdated and malfunctioning
We identified a situation where the security agent installed on some Linux endpoints was outdated even though the endpoint was online. While this may happen for a variety of reasons, we believe that it is related to an engines update (engines version 7.74880, delivered on February 6th, 2018).
We have developed a mitigation script that repairs the agent and restarts the antimalware services. Because the script cannot be deployed via automatic updates, this issue requires your attention.
If you are in this situation, this is what you need to do:
Identify all possibly affected endpoints
To identify the outdated Linux endpoints:
- Log in to Control Center.
- In the Network page, click the Filters menu and create a filter to display all managed endpoints and Relays, recursively.
- Filter the Linux endpoints in the grid, using the OS column.
- Select all endpoints.
- Click the Reports button in the action toolbar and create an Update Status report.
- Filter the endpoints with Outdated status, using the Update Status column.
- Sort the list by Engines version.
You can easily view the last update time and engines version. All endpoints with Engines version 7.74880 need your attention.
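The same filter can be applied offline to an exported copy of the report. The script below is an added example, not part of the original advisory or the vendor's tooling; it assumes a CSV export with a header row, and the column names it looks for are hypothetical.

```shell
#!/bin/sh
# Added example. ASSUMPTIONS: CSV export with a header row; the column names
# "Name", "OS", "Update Status", "Engines Version" are hypothetical; fields
# contain no embedded commas.
AFFECTED_ENGINES="7.74880"   # engines version named in the advisory

# Print the name of every Linux endpoint that is Outdated on that version.
affected_endpoints() {       # $1 = path to the CSV report
    # The "v" prefix keeps awk from comparing the version as a number.
    awk -F',' -v ver="v$AFFECTED_ENGINES" '
        function clean(x) {  # strip CR, surrounding blanks and quotes
            gsub(/\r/, "", x)
            gsub(/^[ \t"]+|[ \t"]+$/, "", x)
            return x
        }
        NR == 1 {            # locate columns by header name, not position
            for (i = 1; i <= NF; i++) col[tolower(clean($i))] = i
            cn = col["name"]; co = col["os"]
            cs = col["update status"]; ce = col["engines version"]
            if (!cn || !co || !cs || !ce) { bad = 1; exit }
            next
        }
        tolower(clean($co)) ~ /linux/ &&
        tolower(clean($cs)) == "outdated" &&
        ("v" clean($ce)) == ver { print clean($cn) }
        END { if (bad) { print "report: missing column" > "/dev/stderr"; exit 2 } }
    ' "$1"
}

# Constructed sample report (not real data).
sample_report() {
    cat <<'EOF'
Name,OS,Update Status,Engines Version
web-01,Ubuntu Linux 16.04,Outdated,7.74880
win-07,Windows 10,Outdated,7.74880
db-02,"Red Hat Enterprise Linux 7",outdated,7.74880
app-03,CentOS Linux 7,Updated,7.75012
old-04,Debian Linux 8,Outdated,7.74102
EOF
}

report=$(mktemp)
sample_report > "$report"
affected_endpoints "$report"   # prints web-01 and db-02
rm -f "$report"
```

The resulting host list can be handed to whatever system management tool is used to run the mitigation script.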
Remediate the situation
- Download the script from here.
- Run the script on the endpoints identified earlier, either manually or through a system management tool. The script requires root privileges and execute rights.
$ sudo chmod +x sigfix.sh
Wait a couple of minutes until the new files have finished downloading.