Cobalt Strike 4.10.1 is now available. This is an out of band update to fix issues that were discovered in Cobalt Strike 4.10 that we felt should be fixed before the next release. This update does not affect the 4.11 release which is well underway and due to ship in early 2025.
Mutiple Team Server Connections Caused Client Disconnection
We fixed an issue which caused clients to disconnect when using multiple concurrent team server connections.
x86 Beacons With Indirect Syscalls Crashed on Windows 11
We fixed an issue which caused Beacons to crash when using indirect system calls for x86 Beacons on recent Windows 11 updates.
WinHTTP Beacons Truncated Long User Agent Names
We fixed a WinHTTP Beacon issue which caused long Malleable C2 user agent names to be truncated when also configuring a proxy server.
Mutator Kit Updates
The Mutator Kit in the Arsenal Kit has been updated. These changes include updating the docker file to use alpine 3.19 (which is the latest version to support LLVM and CLANG version 14), updating the scripts to reference the current release of the sleepmask source code (4.10), and fixes an issue when the kit is installed on Windows with any space in the full path name.
License Note
Licensed users can download version 4.10.1 from here. If you need to update your CS license for an existing CS 4.10 environment that you don’t want to update, you can obtain a new authorization file using the Authorization Generation page rather than running the update command.
We thank our customers for reporting these issues. If you notice any other issues with Cobalt Strike, please refer to the online support page, or report them to our support email address. To learn more about Cobalt Strike, please contact us.
