IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.

Release Notes Threat Response (Version 3.3)

From Tanium Knowledge Base
Jump to navigation Jump to search

Tanium Threat Response 3.3.46

Release Date: 13 July 2021

Fixes

  • This release contains performance and stability fixes for the recorder.

Known Issues

  • Memory Collection on Windows 10 2004 or newer might fail to load the winpmem driver and create a 0 byte collection file.
  • Memory Collection on MacOS may fail to load the osxpmem kernel extension and fail to collect a memory snapshot.
  • SELinux policies might fail to install on endpoints that have low resource provisioning. This should resolve over time. Every client resent (4 hours by default) reattempts the installation.

Tanium Threat Response 3.3.45

Release Date: 15 June 2021

Improvements

  • Sets the default maximum number of values to 12 full reputation reports in an Intel document to ensure a safe quick scan size.

Fixes

  • This release contains fixes for applying SELinux policies for the Linux recorder on Red Hat Enterprise Linux.
  • This release contains fixes for Recorder filters for the /dev/shm path on Linux systems running eBPF recorder.

Known Issues

  • Memory Collection on Windows 10 2004 or newer might fail to load the winpmem driver and create a 0 byte collection file.
  • SELinux policies might fail to install on endpoints that have low resource provisioning. This should resolve over time. Every client resent (4 hours by default) reattempts the installation.

Security Update

  • This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium's Support Portal, or by contacting your TAM

Tanium Threat Response 3.3.33

Release Date: 18 May 2021

Important Notes

This Threat Response release adds the capability to use eBPF (extended Berkeley Packet Filter) as the source for the Tanium Recorder on supported RHEL/CentOS and Oracle Linux endpoints. The Tanium Recorder defaults to this mode if an endpoint has the correct requirements.

New Features

  • Support for the use of eBPF on RHEL/CentOS 7.8+ and Oracle Linux 7.8+ endpoints with proper dependencies and kernel versions.
  • RHEL/CentOS 7.8 - 8.1 DO require kernel-headers and kernel-devel that match the running kernel in order to be able to use eBPF.
  • Oracle Linux 7.8-8.2 DO require kernel-headers and kernel-devel that match the running kernel in order to be able to use eBPF.
  • Oracle Linux UEK kernel 7.8+ DOES require the kernel-uek-devel package.

Improvements

  • Support for the .yar file extension when uploading YARA rules.
  • Improved Quick Scan coverage messaging.
  • Added capability to filter alerts by intel source.
  • Adds support for setting backlog_wait_time on OEL7 endpoints.

Fixes

  • Improved TAXII feed discovery routes for HTTP/HTTPS.
  • Fixed non-existent file name errors when live browsing.
  • Allow for mass deletion of system notifications.
  • Signal feed will now follow Tanium Module Server Proxy Settings.
  • Updated API documentation around alert deletion.
  • Fixed icons when browsing a file with insufficient permissions.
  • Updated column sorting while file browsing.
  • Improvements to SELinux handling for the Tanium Recorder.
  • Fixed an issue where OEL endpoints running in unicast mode could cause endpoints to be unresponsive.

Known Issues

  • Memory Collection on Windows 10 2004 or newer might fail to load the winpmem driver and create a 0 byte collection file.
  • SELinux policies may fail installation on endpoints that have low resource provisioning. This should resolve over time. Every client resent (4 hours by default) reattempts the installation.