The VSA 9.5.17 Feature Release (build 184.108.40.20687) includes enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.
- SaaS Deployment Starts: Saturday, September 23rd, 2023
- SaaS Deployment Completed: Saturday, October 14th, 2023
- General Availability (on-prem customers): Wednesday, October 18th, 2023 - Available now!
Important Security Updates
This release contains important security updates. We recommend on-premises customers upgrade as soon as possible (No action is required for SaaS customers as updates are automatically applied).
- Hardened the encryption method used for storing Active Directory credentials in Discovery module.
- Fixed an issue where Notification Policy alert emails exposed potentially sensitive data.
|Agent||This release requires agent version 220.127.116.11. After upgrading from an earlier VSA version, you must update your Windows, macOS, and Linux agents using an automatic or Manual update process from the agent module.|
|Live Connect Application||When starting a Live Connect or Remote Control session for the first time after installing this release you will be prompted with a link to download the latest Live Connect build. You must complete the installation before proceeding with the session|
This release includes updates to software management client code. Each managed machine will download 120Mb of file updates during the first patch scan or deployment cycle after installing the VSA update. The files will be sourced from the VSA server or a peer endpoint machine on the local network which already has the files. Recommendations to mitigate the impact on network bandwidth:-
1. Use distribution windows in scan and deployment profiles to avoid excessive concurrent downloads.
2. On larger networks schedule a patch scan on a small selection of endpoints in advance of the main scan and deployment windows to leverage peer-to-peer file transfer and reduce impact on internet bandwidth
Support Policy for Prior Releases
Kaseya recommends that customers update their environments to the latest patch release as soon as possible after the GA release date.
Our policy is to provide support for the current GA release, one prior Feature Release, and any interim Maintenance Releases. After the 9.5.17 GA date stated above, the minimum supported version will be 9.5.16 Feature Release
Product Lifecycle Updates
Kaseya Backup (KBU, aka BUDR)
- As previously announced in the End-of-Life-Notice, support for the module will end on December 31st, 2023.
Kaseya Data Backup (KDB)
- As previously announced in the End-of-Life Notice, support for the module will end on September 30th, 2023.
Kaseya Service Desk
- As previously announced in the End-of-Life Notice, support for the module will end on December 31st, 2023 (extended from October 31st) except for use cases where it's primarily used to integrate VSA with Connectwise or Autotask.
Live Connect App
Live Connect sessions will now adhere to the inactivity timeout configured for VSA using the “Minutes of inactivity before a user session expires” setting on the System > Server Management > Logon Policy page.
- The timeout is applied when there is no user interaction. (mouse and keyboard events) within the live connect application for the amount of time specified. It is not kept alive by data received from the endpoint.
- When the timeout is applied, the user is logged out from the Live Connect application, and any active connections to endpoints are terminated. They must authenticate again using the Live Connect login page or initiate a new connection from the VSA application.
To avoid excess duplicate alert creation, we have enforced a minimum 1-minute re-arm period for the following types of alerts:
- Monitor Sets (Counter and Services)
- Event Logs
- Agent Status
- SNMP Traps
- Log Parser Sets
- UI validation has been implemented to prevent new configurations from being applied with a re-arm period of less than 1 minute.
- Any existing configurations, created before this release, with a re-arm period of less than 1 minute, will be updated to 1 minute during the patch install process.
Changed the tenant Default Settings for the use of auto-generated credentials for LAN Cache:
- On System > Server Management > Default Settings page, rename the “LAN Cache - Use auto-generated administrator credentials” setting to “LAN Cache - Only use auto-generated administrator credentials.”
- Changed the default value from Yes to No.
During the patch installation process:
- The setting will be updated from Yes to No if it has not previously been changed by a tenant administrator.
- If a tenant administrator had previously changed the setting, either to Yes or No, it will not be changed.
With the setting set No, an administrator can choose whether to use auto-generated credentials or specified existing credentials, during the configuration of each LAN Cache. Further details can be found in the help topic.
Note: we do not recommend using auto-generated credentials for LAN Cache in Active Directory domain environments.
- Enhanced the TLS handshake process to prevent a condition where multiple slow connections could degrade system performance over time.
Enhanced the ticket entry form:
- The Title field was renamed to Summary.
- Added a new optional Phone Number field.
- Fixed an issue where macOS Agents were not reporting Last Reboot Time.
- Fixed an issue where newly installed agents attempted check-in using the external name/IP address for the web server instead of the configured “agent check-in name / IP address”.
- Fixed an issue where Quick View would load very slowly or time out in some environments.
- Fixed an issue where updateSystemInfo() commands would fail when trying to update a custom field with more than 100 characters.
- Fixed an issue where the GET /odata/1.0/SoftwareManagementByAgentStats method would return incorrect data.
- Fixed an issue where Domain Watch failed to create VSA users from Azure Active Directory users in some circumstances.
Live Connect App
- Fixed an issue where an error - “The request is invalid” - was displayed when trying to use 1-Click with IT Glue credentials.
- Fixed an issue where resume events after a suspend Alarm period were not written to the Uptime Log, causing inaccurate data in the Uptime History Report.
- Fixed a performance issue with the processing of monitor counter logs.
- Fixed an issue with the View Compliance process where policies would fail to apply in configurations where folders, but no direct policy associations, were assigned to machine groups.
- Fixed a performance issue with loading agent grids in the Policy Management module.
- Fixed an issue where Scope permissions were not respected when using certain REST API endpoints.
- Fixed an issue where the GET /assetmgmt/agents/packages method would fail to return any data.
- Fixed an issue in the VSA REST API which could prevent the MSP Assist plugin from synchronizing correct ticket categories.
- Fixed an issue where multi-patch deployments would fail after the first patch due to a “pending reboot” flag being detected. The patch deployment process will now wait until all patches are deployed before checking for the pending reboot.
- Fixed an issue with the deployment of macOS 13.x (Ventura) OS patches on Intel-based machines.
NOTE: OS patching is not supported on ARM-based macOS machines.
- Fixed an issue where Windows Group Policies would fail to apply to agents.
- Fixed an issue where Views and Report Parts failed to identify machines with a Pending Reboot status.
- Fixed an issue where Patch Scans could fail with this error message - “Error -2147448740: Unexpected error occurred during PmClient run”.
- Fixed an issue where the configured Post Reboot procedure was not executed after patch deployments.
- Fixed a database performance issue where the Software Management > Management > Patch Approval page would fail to load patch details in some environments.
- Fixed a software detection issue with Adobe Acrobat Reader x32-bit version.
- Fixed an issue where outdated Agent Log data was not being archived.
- Fixed an issue with the System > User Security > Scopes page where machine grids could not be filtered.
- Fixed an issue where the Notification Policy alert email body was empty when a user’s password was changed from Active Directory.
- Fixed an issue that could cause slow Outbound Email processing in some environments.
3rd Party Integrations
- Fixed an issue where KaseyaOne authenticated VSA users were unable to press the Allow button to authorize a newly installed 3rd party plugin (TAP module).