Note: 9.5.7g includes new features from 9.5.7f combined with some additional quality improvements. This page lists changes delivered in both releases.
The 9.5.7g (126.96.36.19916) release includes enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.
This release requires an update to the Live Connect application. When starting a Live Connect session for the first time after VSA upgrade, an on-screen prompt will be displayed with link to download the installer. The new version provided in this release supports installation for all users or just the current user: -
Note: The “Install just for you” option supports installation without elevated permissions. If there is an existing "all users" installation, it must be uninstalled by a user with elevated permissions before per-user installations can be completed.
- Scaled SaaS deployment – Saturday, 13th November, 7 am EST
- General Availability (on-prem customers) - Wednesday, 17th November, 12 pm EST
- Full SaaS deployment – Saturday, 20th November, 7 am EST
Note: SaaS customers will be informed of their maintenance window via https://status.kaseya.net.
Dates are subject to change at short notice. On-prem customers are advised to check this page again prior to attempting an upgrade.
Important Security Updates
This release contains important security updates. We recommend on-premises customers update to this release as soon as possible (No action is required for SaaS customers as updates are automatically applied).
VSA Server Cross-Site Scripting
Severity: Medium (CVSS 4.3)
Summary: Reflected cross-site scripting was possible via several legacy (unused) files. These vulnerabilities have been remediated by removing the unused vulnerable files.
VSA API HTTPS Enforcement Enhancement
Severity: Medium (CVSS 5.4)
Summary: In certain circumstances, an API request via HTTP would be allowed (the client would have to purposely specify HTTP vs. HTTPS). We have enhanced our API communications to redirect all requests to HTTPS regardless of client protocol.
Remote Control: Native RDP
In this release, we added a new feature to VSA Remote Control capabilities, referred to as “Native RDP”. Native RDP can be launched through the Private Session functionality from Quick View and Live Connect menus, as well as from a new “Control Machine” page. It leverages the native Microsoft RDP client on source and target machines, providing a natural experience of using Microsoft RDP directly. However, when launched, the functionality is orchestrated by VSA. The communication channel between the source and target machine is facilitated by VSA Live Connect establishing and maintaining a private, encrypted TCP tunnel for the duration of the session.
The “New Native RDP” feature is currently supported on Windows only.
The Native RDP functionality can be restricted within User Roles. Within a given User Role, if the Live Connect > Desktop Access option is unchecked (ie. Disabled) the Native RDP sessions will not be allowed to be established. This follows the same behavior as other VSA Remote Control functionality. Additionally, there are separate User Role access rights to control whether the “Native RDP” feature button appears on selected VSA pages, like Quick View, and the newly introduced “Control Machine” page within the Remote-Control module.
Remote Control: New Control Machine page
In this release, we added a new page under Remote Control > Operations > Control Machine. The “Control Machine” page provides a list of Agents along with the ability to quickly launch Remote Control sessions. The page is specifically designed as an end-user landing page - for an end-user who requires the ability to remote control a specific machine(s).
As an example, if you support end-users who require access to their office workstation(s) when working from home, you can create a VSA account for each end-user and allow access to this new page via User Role Access Rights.
The “Control Machine” page can be restricted with User Role Access Rights. User Roles have been enhanced to allow visibility of the page and visibility of the Actions such as the “Remote Control” and “Native RDP” options.
- The “Remote Control” action will
- launch a standard VSA Shared Session on a Windows or macOS Agent
- launch a terminal session on a Linux Agent
- The “Native RDP” action will launch the new “Native RDP” feature (see Remote Control: Native RDP section in these release notes for details)
Filtering Evaluation for the New Control Machine Page
The Control Machine page contains a new VSA filtering capability.
Filters on the same field are evaluated with an implicit OR. Filters between different fields are evaluated with an implicit AND. Take the following example:
The above expression is equivalent to:
Status = Online AND “Machine ID” in (“vsaqaw81-001.testmarry.marryorg”, “ws-jiwank-02.root.kserver”)
Freeform searches are also supported. When using the wildcard search functionality, all page columns will be scanned to refine the search.
In the example above, by adding a freeform search of “w81” the results of the original expression would be filtered to include only results containing the text “w81” in any field.
Multiple search fields are supported. Multiple freeform searches are evaluated with an implicit OR.
When navigating from other pages to the Control Machine page, currently selected Machine or View filters are de-selected. This will be corrected in a future release.
Remote Control App
- Live Connect has been enhanced to support enabling or disabling the recent desktop resolution scaling feature, adding a button to enable the new scaling option and adding scroll bars (if necessary) to the remote session, or disabling it and rendering the entire remote display within the remote control window.
- Introduced VSA Configuration and Diagnostics (OnStar) report. This is available to Master and System role users from the System > User Settings > Preferences page.
- Fixed an issue where asterisk (*) wildcards used in Machine View definitions were not being applied.
- Streamlined K1 SSO login workflow to remove authentication token exposure to end-user experience.
- Updated the MacOS VSA Agent to resolve issue with cursor placement in Remote Control related to high-resolution displays.
- Updated Live Connect desktop client to resolve the issue with the missing URI handler that was used by some third-party integrations.
- Resolved an issue where the connection failed to restore during the remote control session.
- Fixed an issue where the wrong language versions of some 3rd party patches were being deployed for machines with Kaseya 2.0 profiles.