The VSA 9.5.5 release includes enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.
Important Security Updates
This release contains two important security updates. We are not aware of these issues being publicly disclosed or exploited, however, as we do with each product release, we recommend on-premises customers update to this release as soon as possible (No action is required for SaaS customers as updates are automatically applied).
- A Remote Code Execution Vulnerability was detected and resolved in this release.
- A security enhancement has been added - "Whitelist Attachment Uploads" enabled whitelisting attachments in Service Desk and Ticketing. This whitelist now applies to any file uploads to VSA (not just attachments). If you cannot upload your files on the Kaseya Server, navigate to Server Management > Default Settings and edit the tab "Whitelist Attachment Uploads" to manage the list of extensions.
- Hardened API authentication with a more secure cryptography methodology
This release requires agent version 18.104.22.168. Be sure to update your Windows, Mac, and Linux agents after installing this release.
- Saturday, April 10th - SaaS deployment started.
- Tuesday, April 13th - SaaS deployment completed.
- Thursday, April 15th - General Availability (on-prem customers)
Note: SaaS customers will be informed of their maintenance window via https://status.kaseya.net
Dates are subject to change at short notice. On-prem customers are advised to check this page again prior to attempting upgrade.
The following modules are no longer supported:
- Anti-Malware (Classic)
- Anti-Virus (Classic)
Note: The newer versions of these modules (Anti-Malware and Antivirus) are still supported.
The following features will be removed from the product in Q3, 2021:
- Remote Control > Files/Processes > FTP
- Remote Control > Files/Processes > SSH
- Remote Control > Files/Processes > Task Manager
Note: File transfer, remote console access, and management of running tasks, are now available in Live Connect for all supported operating systems.
- Agent is now supported on Ubuntu 20.4.
- Changed IP location data provider used for country mapping in Audit > View Individual Data > Machine Summary > Network Information from db-ip.com to https://www.ip2location.com/.
This is intended to improve accuracy of IP to country mapping. We also corrected a related issue where data from external provider was not successfully imported into the VSA database.
Note: As the data import runs on a monthly schedule, it may take up to 1 month after updating an existing VSA server to 9.5.5 before the benefit of these changes are seen.
- The VSA now supports using SQL 2017 and SQL 2019 for its backend database.
- Added machine view filter labels for SQL Server 2017 and 2019.
A view with “SQL Server” label checked will now include machines with SQL Server 2017 and 2019, as well as all the other listed versions.
- Fixed an issue where Agent install package for macOS could not be saved with silent install switch(/s), even though Administrator credentials had been entered.
- Fixed the Agent file upload process so that the Agent now checks if a file has valid XML content before uploading to VSA, and does not upload invalid files.
- We fixed an issue where the “Show Advanced” button was not displayed under the Two Factor Auth > Manage Agent Groups page.
User could not log into Live Connect if 2FA was enabled for AuthAnvil(Passly).
We change the precedence of AA 2FA over VSA Native 2FA;
We add number of digits for 2FA to differentiate AA 2FA or VSA Native 2FA in Live Connect 2FA dialogue.
6 digits > Native VSA 2FA
8 digits > AA 2FA
- Remote Control session connected without 2FA prompt when the authentication was configured in the AuthAnvil module.
- We added 2FA functionality for Remote Control when it is initiated from Live Connect.
2FA passcode dialogue is added while RC is initiated from LC
- 2FA is available for all type of RC Sessions: Shared, Private, and 1-Click
- 2FA is available for all the locations from where we can start RC
- Live Connect Asset Browser Page
- Live Connect Navigation Bar
- Live Connect windows thumbnails
- Live Connect Asset Browser Page
To set AA 2FA for Remote Control
- Navigate to the AuthAnvil module > Two Factor Auth > Remote Control Authentication page;
- Select the agent you want to enable 2FA in right column (Agent not requiring authentication);
- Move agent to left column (Agent requiring authentication).
- Fixed an issue where user is required to authenticate with 2FA on login, despite having previously checked “Remember Me on this computer”.
- Alerts for Acronis Active Protection service are now supported.
- Fixed an issue where Domain Watch probes failed with an XML parsing error.
- Fixed an issue where the Delete button remained active on the VMWare and WMI tabs even there were no rows to delete.
- Fixed an issue where discovery failed to automatically deploy agents on SaaS servers.
- Fixed Weekly Report scheduling issue when the user clicked on the list of recipients and saved the schedule screen without going to the first tab then schedule shifted with some random amount of minutes.
- Fixed an issue where the Uptime History report generated in XLS contained mal-formed cells.
- Fixed an issue where some Agent reports didn't respect Machine Id based VSA view selected in the report run parameters, the data returned to report was not correctly filtered.
- Fixed an issue where the red channel was reversed with the blue channel for the thumbnail screenshot on macOS agents in Live Connect.
- Fixed an issue with wmi_mountpoint LUA script monitor where Disk Utilization would always show 0.2%.
- Fixed an issue where agent procedures scheduled by Policy would be incorrectly associated with the user who last saved the Policy Deployment schedule. Now any procedure scheduled by Policy shows as scheduled by *System*.
- Fixed an issue related to using the CTRL key in a KRC Session, where it randomly affected the physical keyboard behavior on the machine running the KRC session, resulting in unexpected behavior.
- Fixed an issue where keystrokes would sometimes be received in the wrong order while working in a Remote Control session.
- Fixed an issue where Group Updates could not save if Category field is required, even if all selected tickets already have the field populated.
- Fixed an issue where CSV file export from the Tickets grid did not contain any data if certain column filters were applied.
- Fixed an issue where the Deploy Patches option did not display the machines specified in the Machine Id filter on the Software Management > Vulnerabilities tab.
- Fixed an issue where the Last Deployment date was updated once the entire patch cycle was complete. Now the Deployment date updates when a deployment task has been conducted on the endpoint in order to reflect the accurate date and timestamp data.
- Fixed an issue during some Software Management scans if Advanced Override > Release date filter is applied to the endpoint.
- Fixed an issue where the error records caused performance issues on the SQL server.
- Fixed an issue where the Patch History page failed to load in the Software Management module.
- Fixed an issue where drop-down selectors in the following locations did not list Organizations in the correct alphabetical order:
- System > User Security > Users - Add User and Edit User dialogues;
- Info Center > Reporting > Reports - Run Now and Schedule dialogues;
- Info Center > Configure & Design > Report Templates - Preview dialogue;
- Info Center > Configure & Design > Report Parts - Preview dialogue.
- Fixed an issue where Account Locked-Out security notification email sent by VSA contained superfluous information.
- Fixed a performance issue with the login page where the 2FA prompt could take a long time to load.