Kaseya Community

9.5.0.25 Patch Release - 18 December 2019

  • Hey Guys,

    Click here to review our latest release notes.


    I have also copied them below for reference as well:

    ---------------------------

    The VSA 9.5.0.25 release includes the enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements GuideKaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.

    IMPORTANT!

    • Beginning in release of 9.5.0.24, HTTP cannot be used and is no longer supported in VSA. If you are currently using HTTP with a previous version of VSA, we strongly recommend switching to HTTPS.
    • If you need help configuring HTTPS and setting up a security certificate, you can find more information on SSL Certificates here: Using Security Certificates. VSA supports self-signed certificates and trusted CA SSL certificates.
    • This release requires agent version 9.5.0.14. Be sure to update your Windows, Mac, and Linux agents after installing this release.
    • API token strength - In the next planned release of VSA, 9.5.0.26, we will strengthen our API Token by increasing the character keyspace. For custom integrations (e.g., non-Kaseya-provided API integrations) be sure there are no limits on the length or combination of characters when receiving the API Token for subsequent use with the REST APIs. If applicable, be sure to remove any existing limitations before upgrading to release 9.5.0.26.

    Deprecations

    Deprecated operating systems

    Consistent with Apple's Product Support Policy and End of Product Update dates, Kaseya VSA no longer supports the following products as of version 9.5.0.25:

    • Apple OS X 10.7
    • Apple OS X 10.8
    • Apple OS X 10.9
    • Apple OS X 10.10
    • Apple OS X 10.11

    Deprecated browsers

    As of version 9.5.0.25, Kaseya VSA no longer supports use of the Opera browser (applies to Windows and Apple OS X platforms)

    Planned deprecations

    Consistent with Microsoft’s Product Lifecycle Policy and End of Extended Support Dates, Kaseya VSA will no longer provide support for the following products on the dates indicated:

    • Microsoft Windows Server 2008 (all editions and service packs): January 14, 2020
    • Microsoft Windows 7 (all editions and service packs): December 31, 2020

    Note: Kaseya will continue to support Windows 7 through December 31, 2020. Microsoft end of support for Windows 7 is January 14, 2020.

    • Microsoft Internet Explorer 10: January 31, 2020

    The following VSA functionality will no longer be available or supported on the date indicated:

    • Classic VSA User Interface (System > Server Management > Default Settings > Enable the Classic User Interface): January 31, 2020

    Enhancements

    Software Management - Skip if Offline

    Software Management > Profiles > Scan and Analysis and Software Management > Profiles > Deployment - Software Management profiles have been enhanced to automatically schedule scans and deployments for offline assets. In past VSA releases, scans and deployments would skip any offline agents. With this enhancement, tasks for offline agents are queued and executed when the agent comes back online.
    You can opt to skip scan and deployment tasks for offline agents by checking the Skip if offline option when adding or editing profiles. If a scheduled scan or deployment task is executed to an offline agent and the Skip if offline option is checked, the task is skipped instead of being queued and executed once the agent is back online.

    • Skip if offline Edit Deployment profile example:

    skip-if-offline-3-authIT.png

    • Skip if offline is set to Yes for the Deployment profile:

    skip-if-offline-2-authIT.png

    • Skip if offline setting on the Scan and Analysis page:

    skip-if-offline-1-authIT.png

    • Skip if offline logging - Upon adding the Skip if offline option to an endpoint, these messages are logged to Software Management > Administration > Application Logging:
    Event Id: <New Event ID>
    Event Name: Skip if Offline selected on <Deployment/Scan> action
    Message: Skip if offline was included in the scheduling of <machine id>
    Admin: <Admin which initiated the task>
    Event Date: <Date when the skip if offline option was selected>

    Installers

    • Enhanced patch error handling with additional checks and messages reported in the installer log.

    Multi-factor Authentication

    • When AuthAnvil is enabled, native VSA 2FA is now available for each VSA user that is whitelisted in the AuthAnvil configuration of VSA.

    Traverse Integration

    • IT Complete - Traverse > Administration > Org Mappings - Added a new Org Mapping page that enables Admin users to link an existing VSA tenant to a Traverse Department. For details, see Org Mappings in the Virtual System Administrator™ User Guide.

    System

    • The SHA256 for Kinstall now displays on the System > Server Management > Configure page.

    Fixes

    AuthAnvil Integration

    • Fixed an issue where resetting the AuthAnvil SAS URL did not disable AuthAnvil 2FA for tenants.

    Authentication

    • Fixed an issue in release 9.5.0.24 where Active Directory users could no longer log in. Login failed with this error: An error has occurred.
    • Fixed an issue in release 9.5.0.24 where Portal Access users could no longer log in to the VSA.
    • Fixed an issue where VSA failed to authenticate Active Directory users whose passwords contain the # character.

    BMS Integration

    • Fixed an issue where the Reopen closed duplicate tickets option was not working properly.

    Database & Schema

    • Fixed an issue where no licenses displayed on the System > Server Management > License Manager > Third Party tab when logged in to Partition 1.

    Discovery

    • Fixed an issue where Discovery failed to authenticate passwords that contain the # character.

    Info Center

    • Fixed an issue where master users could not view reports in private folders and shared folders owned by other master users.

    Kaseya Agent Installers

    • Agent deployment packages - For enhanced security, the use of embedded credentials with agent installers is no longer supported beginning in release 9.5.0.25. Technicians will need to employ alternate means of deploying the Kaseya agent on non-administrative accounts. Note the following:
      • Creation of new agent packages no longer permits a user to enter administrator credentials.
      • Creation of new agent packages via templates (Agent > Templates > Create) no longer permits a user to enter administrator credentials.
      • When editing an existing package that contains embedded administrator credentials, the administrator credentials are removed from the system.

    Note: There is a known issue where the Mac agent cannot be installed silently without embedded credentials. To continue using silent installs, do not modify any existing Mac deployment packages upon upgrading to 9.5.0.25. This issue will be resolved in an upcoming release.

    • Legacy support - Existing agent packages that contain embedded administrator credentials can only be used and deployed on unsupported legacy Windows systems (e.g., Windows XP).

    KInstall

    • Fixed an issue where KInstall was unable to install VSA versions older than 9.5.0.21.
    • Fixed an issue in new VSA installations where the Kaseya VSA Server Upgrade Options page erroneously indicated that an upgrade was available.
    • Fixed an issue where KInstall would erroneously fail the screen resolution check.
    • Fixed an issue where progress messages would open while VSA modules were being installed, blocking access to the main KInstall window. These messages no longer display.
    • Fixed the InstallShield EICAR link in the installer.

    Live Connect

    • The /q switch can now be used to run silent installs.

    REST API

    • Fixed an issue where authentication tokens were not being refreshed properly, causing intermittent generic 500 errors in some 3rd party TAP modules.
    • Fixed an issue where all current sessions were being deleted when using DELETE /system/users/session.

    Software Management Module

    • Fixed an issue where scan Zip files were being constantly recreated on some SaaS servers in cases where the patch scan file failed to download.
    • Fixed an issue where the Failed Patches report did not display any data.
    • Fixed a patch approval error that occurred if private profiles were enabled.
    • Fixed an issue seen in some VSA SaaS instances where profiles could not be removed from the Software Deployment > Profiles > Assign by Machine page.

    VSA Core

    • Licensing - Fixed an issue where VSA was not retrieving updated licensing information from the License Server.

    Known issue with this release

    • Mac agent deployment packages - For enhanced security, embedded administrator credentials cannot be added to newly created agent deployment packages. Existing packages will retain previously added embedded credentials, if applicable. If existing deployment packages are edited and saved, any previous embedded administrator credentials for that package will no longer be retained. Embedded credentials are required to enable silent deployment of Mac agents. To continue using silent install for Mac endpoints, do not make any changes to existing Mac deployment packages upon installing VSA 9.5.025. This Mac silent install issue will be resolved in an upcoming release.

  • When will this patch be applied to SaaS customers, and is there a way to see what patch level is running.

  • SaaS will be updated on 12/21/2019.  Our SaaS will be on the latest version following our On-Premise GA release, in this case version .25

  • I'm sorry, but as many times as I have read this, I fail to see the part about Agent Procedures no longer requiring Flash.  

  • I'm very confused about this: "As of version 9.5.0.25, Kaseya VSA no longer supports use of the Opera browser (applies to Windows and Apple OS X platforms)"

    So you're not going to support the use of a browser that is based on Chromium and uses Blink, but you'll continue support the use of Google Chrome, which is a browser based on Chromium and uses Blink, and also includes a bunch of Google's BS that some people prefer not to use.

    I prefer Firefox, but after finding that an idle Firefox tab sitting in the foreground with the VSA open uses 15-20% CPU for some reason and reporting it, I was told that I should just not use Firefox. Well I still use Firefox, but I also use Opera to access the VSA with the KAdmin account, and now I guess I'll have to find another solution for that because Kaseya is going to stop supporting the use of a browser that is the same as Chrome in every way that matters in a technical sense, and different from Chrome in ways that matter in a security and privacy sense.

    Is there an actual technical reason for dropping Opera?

  • Our new agent procedure editor will be released in our next VSA patch.  It will be worth the wait =)

  • Any word on 9.5.0.26? Its been a bit.....

  • I second that.

    Please Oscar share with us an idea of when we are getting the new patch out even if it is bad news.

    Alex

  • Oscar mentioned on discord that limited testing of .26 starts on SaaS tomorrow with rollout proceeding based on results there.

    Delays are frustrating, but cudos to Kaseya for not releasing a build which has known issues. Less, higher quality releases is still preferable to more yet buggy builds, in my book.

  • I have to agree with Craig, maybe a brief word on the test here is possible, ?

  • Ditto!

  • Looks like 9.5.0.26 is out and its a big one - where is the discussion thread? We will likely wait a week or two to deploy to see if there are any big issues.

  • SaaS is doing maintenance tomorrow morning so maybe we'll be getting it as part of that.

  • Hey guys,

    Notes are up and published.  Thread is below:

    community.kaseya.com/.../24902.aspx