Team: Huntress Managed Endpoint Detection and Response (EDR)
Product: Huntress Agent Updates
Environment: Windows, MacOS
Summary: While the Huntress Agent should automatically update, there may be underlying issues preventing these updates.
In This Article
Agent Update Process
Troubleshooting Scenarios
Agent Update Process
The Huntress Agent is designed to update automatically. Updates are handled by two components: the newer HuntressUpdater.exe and the older wyUpdate.exe (legacy agents only). When an update is available, the Agent calls the appropriate updater to download and apply the new version. For more information, see the Update Procedure for the Huntress Agent guide
Troubleshooting Scenarios
Here are the most common scenarios that can prevent the Huntress Agent from updating and the steps you can take to resolve them.
Scenario |
Possible Situation and Solution |
TLS 1.1 or 1.3 is Blocked |
Situation: wyUpdate.exe uses TLS 1.1 to fetch updates, and if this protocol is blocked on the endpoint, the Agent update will fail. The newer HuntressUpdater.exe uses the more secure TLS 1.3. Solution: wyUpdate.exe is an older component. If you must support older Agents, ensure that TLS 1.1 traffic is allowed, or upgrade to a newer Agent that uses HuntressUpdater.exe. For more information, see our documentation on Deep Packet Inspection / TLS / SSL Interception / Cert Pinning |
Outbound Traffic is Restricted |
Situation: HuntressUpdater.exe and wyUpdate.exe need to reach update.huntress.io to download the new Agent version. If outbound traffic is restricted, the update will not proceed. Additionally, our bug reporting software requires communication with notify.bugsnag.com (which may resolve to an IP like 6.205.186.35.bc.googleusercontent.com). Solution: Ensure that outbound communications are allowed on port 443 to our cloud infrastructure. Consult our full article on Outbound Communication Requirements for a comprehensive list of domains and IP ranges that must be allow listed. |
Third-Party Security Software Interference |
Situation: Some third-party security software can interfere with the Huntress Agent operation or cause false positives during the update process. Solution: We highly recommend adding the entire *c:\Program Files\Huntress* directory to the allow list in all of your third-party security software. This prevents interference with both HuntressUpdater.exe and wyUpdate.exe. See our Allow List Huntress in Third Party Software (AV, NGAV, *DR) guide for more information. |
Network Errors |
Situation: The endpoint may have lost its internet connection during the update process. Solution:
|