NOTICE - On October 18, 2022, this product was renamed to Remediation Connector Solution.
TIP - This is an example of the Remediation Connector Solution configured with CrowdStrike Falcon®.
CrowdStrike and CrowdStrike Falcon are registered trademarks of CrowdStrike, Inc.
Remediation Connector Solution is not associated with, or endorsed by, CrowdStrike Holdings, Inc. or its affiliates.
The Remediation Connector Solution product was updated with new features and improvements. Release notes are viewable below.
Product version 1.2.8.182 - October 25, 2024
Features and improvements
- No features this release.
Issues fixed
- Updated the static IP addresses required for contained endpoints.
Product version 1.2.6.180 - October 24, 2024
Features and improvements
- No features this release.
Issues fixed
- Fixed an issue where license keys were not being registered with MBBR.
Product version 1.2.5.179 - June 13, 2024
Features and improvements
- No features this release.
Issues fixed
- Breach Remediation could not be downloaded on contained devices due to invalid URL.
Product version 1.2.2.171 - February 10, 2023
Features and improvements
- No features this release.
Issues fixed
- Scans were performing as expected and completed but periodically displayed error results within the scan log.
Product version 1.2.0.169 - January 9, 2023
Features and improvements
- GET Device Details API updated to the latest version.
Issues fixed
- No fixes this release.
Product version 1.0.23.163 - June 6, 2022
Features and improvements
- No features this release.
Issues fixed
- Encountered a problem during a scheduled scan and follow up scans continuously displays the scan task started.
- MBBR_ARGUMENT_ERROR displayed when the license key is copied with an additional space or character at the start.
- Breach Remediation was failing to upgrade from version 1.0.20.153 to the latest version.
Product version 1.0.22.157 - May 19, 2022
Features and improvements
- Proxy server configuration now accepts hostnames, not just IP addresses.
Issues fixed
- No fixes this release.
Product version 1.0.21.156 - May 3, 2022
Features and improvements
- No features this release.
Issues fixed
- Downloading Breach Remediation through a proxy was not executing the PowerShell script correctly.
- Allow Breach Remediation to run on a host machine when the MBAMService is stopped.
Product version 1.0.20.153 - April 18, 2022
Features and improvements
- Remediation Connector Solution is now completely portable.
- Scan reports and configuration files are stored locally on the host machine in the same folder where MRfCS is executed from.
- A warning displays and stops the program if you run Breach Remediation alongside the Endpoint Agent.
Issues fixed
- No fixes this release.
Product version 1.0.19.150 - March 7, 2022
Features and improvements
- Unique user Client ID configuration available to setup multiple proxy configurations.
- Notification available to check if a scan is in progress before starting a new scan.
Issues fixed
- Scans on Windows 7 were failing with an "Executable script code found in signature block" error message.
Product version 1.0.18.44 - February 14, 2022
Features and improvements
- Improved diagnostic message context for download errors.
Issues fixed
- Issue with full scan timing out after 10 minutes.
- DNS resolution failure occurred when initiating a scan after a host is placed into network contain mode.
Product version 1.0.17.42 - December 3, 2021
Features and improvements
- Remediation Connector Solution PowerShell scripts are now digitally.
- Scanning network contained endpoints now uses all static IP addresses.
- Additional static IP addresses added for scanning network contained endpoints.
Issues fixed
- Issue where scans were not running when TLS 1.0 was disabled on an endpoint
Product version 1.0.12.94 - August 3, 2021
Features and improvements
-
Persist the settings: This feature has been added so settings can be saved and automatically applied after use.
- Persist scan types, scan settings, exclusions, custom IOC files.
- At startup, load these settings and with one click you can perform the action.
- Reset to default: This option resets settings back to default.
-
Stop MBBR Scan in progress: This feature allows users to stop a scan while the breach remediation scan is in progress.
- Scan canceled by user event does not show up in syslogging.
- Added a menu options in the data grid so users can get more details about the host in the Falcon console while they are in the Remediation Connector Solution applet.
- Menu options include:
- Open host in Falcon
- Open real time response
Issues fixed
- When loading the hosts, the machine status changed to Not Scanned even if the scan operation was completed. Values now match in the last scanned column in the local log file.
- If the log file was not there, values showed empty/blank in the last scanned column.
- Scan history was only showing successfully completed scans. This now displays the failed scans so the users can take necessary action.
Product version 1.0.11.82 - June 15, 2021
Features and improvements
- Client ID now displays in the Remediation Connector Solution applet. Viewable when managing multiple clients.
- Added interface filtering when loading Hosts and Detections.
- Exclude Hosts which have already been remediated.
- Filter Hosts based on detection severity.
- Added the option to upload a custom detection rule in the applet to exclude items from scanning.
- For more information, see the Creating Custom Rules section of the Breach Remediation Windows Administrator Guide.
Issues fixed
- Fixed an issue where Remediation Connector Solution failed to download MBBR.EXE with Zscaler HTTP 403 error.
- Fixed an issue where no scan results file is generated when scanning with exclusions.
- Changed file save path from "$mbbrPath" to "C:\mbbr".
- Fixed an issue where the Scan Report was not being parsed and saved.
- Increased log file size from 1MB to 10MB and file count from 10 to 20.
Product version 1.0.7.66 - March 30, 2021
Features and improvements
- Support for CrowdStrike RTR Queue
- Allows an administrator to queue a job command for offline endpoints.
- Scheduled scans queued will display a new icon. Provides an expiration tooltip for the queued scheduled scan.
- Search and filter Scan Reports
- Search a scan report using a hostname.
- Filter out hostnames with no detections.
- Scan Type column added to the Scan History page.
- Username column
- Detections by Users column added to the endpoints page.
- Admins can view detection count by username.
- If the host machine has multiple users, they will be listed in alphabetical order.
Issues fixed
- Falcon Insight Network Contain mode
- Static URL indicator added for network contained endpoints.
- Static download URL added for network contained endpoints. Allows network contained endpoints to download Breach Remediation using a Static IP.
- Enhancements to Syslog information.
- Message indicator added to settings page if unlicensed.
- Windows 7 support added.
Product version 1.0.6.53 - March 16, 2021
Features
- Support for Multiple Client IDs
- A Master Password must now be setup from the login screen going forward.
- Recovering the password is not possible. Resetting the password will remove user settings completely.
- No saved log files will be removed if a password is reset.
- Client Name is unique, duplicate names cannot be shared across multiple Client IDs.
- Client ID configuration can be added, modified, or removed.
- Can switch between different clients without logging out of the product.
- Scan History and Report
- Scan History button has been added within the user interface for reporting.
Improvements
- Reboot Time Customization
- 5 Minute reboot time added to default settings. Customizable within the product.
- Status Column Includes Indicators
- Reboot Required, Host Contained, Threat Found indicators added under Status Column.
- MBBR license key field has been moved to the Settings page.