9.5.7g (9.5.7.3516) Maintenance Release - 13 November 2021

Note: 9.5.7g includes new features from 9.5.7f combined with some additional quality improvements. This page lists changes delivered in both releases.

The 9.5.7g (9.5.7.3516) release includes enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.   

This release requires agent version 9.5.0.28. Be sure to update your Windows, Mac, and Linux agents after installing this release.  

This release requires an update to the Live Connect application. When starting a Live Connect session for the first time after VSA upgrade, an on-screen prompt will be displayed with link to download the installer. The new version provided in this release supports installation for all users or just the current user: - 

blobid8.png

Note: The “Install just for you” option supports installation without elevated permissions. 

Release Schedule  

  • Scaled SaaS deployment –   Saturday, 13th November, 7 am EST
  • General Availability (on-prem customers) - Wednesday, 17th November, 12 pm EST
  • Full SaaS deployment – Saturday, 20th November, 7 am EST

Note: SaaS customers will be informed of their maintenance window via https://status.kaseya.net 

Dates are subject to change at short notice. On-prem customers are advised to check this page again prior to attempting an upgrade. 

Important Security Updates 

This release contains important security updates.  We recommend on-premises customers update to this release as soon as possible (No action is required for SaaS customers as updates are automatically applied). 

VSA Server Cross-Site Scripting

Severity: Medium (CVSS 4.3) 

Summary: Reflected cross-site scripting was possible via several legacy (unused) files. These vulnerabilities have been remediated by removing the unused vulnerable files. 

VSA API HTTPS Enforcement Enhancement

Severity: Medium (CVSS 5.4)  

Summary: In certain circumstances, an API request via HTTP would be allowed (the client would have to purposely specify HTTP vs. HTTPS).  We have enhanced our API communications to redirect all requests to HTTPS regardless of client protocol. 

New Feature  

Remote Control: Native RDP 

In this release, we added a new feature to VSA Remote Control capabilities, referred to as “Native RDP”. Native RDP can be launched through the Private Session functionality from Quick View and Live Connect menus, as well as from a new “Control Machine” page. It leverages the native Microsoft RDP client on source and target machines, providing a natural experience of using Microsoft RDP directly. However, when launched, the functionality is orchestrated by VSA. The communication channel between the source and target machine is facilitated by VSA Live Connect establishing and maintaining a private, encrypted TCP tunnel for the duration of the session. 

The “New Native RDP” feature is currently supported on Windows only.  

The Native RDP functionality can be restricted within User Roles. Within a given User Role, if the Live Connect > Desktop Access option is unchecked (ie. Disabled) the Native RDP sessions will not be allowed to be established. This follows the same behavior as other VSA Remote Control functionality.  Additionally, there are separate User Role access rights to control whether the “Native RDP” feature button appears on selected VSA pages, like Quick View, and the newly introduced “Control Machine” page within the Remote-Control module.

blobid3.png

blobid4.png

blobid1.png

Remote Control: New Control Machine page 

In this release, we added a new page under Remote Control > Operations > Control Machine. The “Control Machine” page provides a list of Agents along with the ability to quickly launch Remote Control sessions. The page is specifically designed as an end-user landing page - for an end-user who requires the ability to remote control a specific machine(s). 

As an example, if you support end-users who require access to their office workstation(s) when working from home, you can create a VSA account for each end-user and allow access to this new page via User Role Access Rights. 

 The “Control Machine” page can be restricted with User Role Access Rights. User Roles have been enhanced to allow visibility of the page and visibility of the Actions such as the “Remote Control” and “Native RDP” options. 

  • The “Remote Control” action will 
    • launch a standard VSA Shared Session on a Windows or macOS Agent 
    • launch a terminal session on a Linux Agent 
  • The “Native RDP” action will launch the new “Native RDP” feature (see Remote Control: Native RDP section in these release notes for details) 
Note: On the “Control Machine” page, the “Remote Control” and “Native RDP” Actions require the “Live Connect > Desktop Access” User Role to be enabled. To manage User Roles, navigate to the User Roles > Access Rights page.

blobid5.jpg

Filtering Evaluation for the New Control Machine Page 

The Control Machine page contains a new VSA filtering capability. 

Filters on the same field are evaluated with an implicit OR. Filters between different fields are evaluated with an implicit AND. Take the following example: 

blobid6.png

The above expression is equivalent to: 

Status = Online AND “Machine ID” in (“vsaqaw81-001.testmarry.marryorg”, “ws-jiwank-02.root.kserver”) 

Freeform searches are also supported. When using the wildcard search functionality, all page columns will be scanned to refine the search. 

blobid7.png

In the example above, by adding a freeform search of “w81” the results of the original expression would be filtered to include only results containing the text “w81” in any field.  

Multiple search fields are supported. Multiple freeform searches are evaluated with an implicit OR. 

Known Issue

When navigating from other pages to the Control Machine page, currently selected Machine or View filters are de-selected. This will be corrected in a future release.

Enhancements

Remote Control App 

  • Live Connect has been enhanced to support enabling or disabling the recent desktop resolution scaling feature, adding a button to enable the new scaling option and adding scroll bars (if necessary) to the remote session, or disabling it and rendering the entire remote display within the remote control window.
Note: If display settings on target machine are changed during a Remote Control session, the new settings will only be recognized after restarting the session

System Module 

  • Introduced VSA Configuration and Diagnostics (OnStar) report. This is available to Master and System role users from the System > User Settings > Preferences page.

Bug Fixes 

Agents

  • Fixed an issue where asterisk (*) wildcards used in Machine View definitions were not being applied.
Note: This patch will not update existing views. The fix will only take affect after editing and re-saving the view.
Note: This bug fix was not included in the Scaled SaaS deployment on Oct 2nd. All SaaS customers will receive it as part of the Full SaaS deployment.

K1 Integration

  • Streamlined K1 SSO login workflow to remove authentication token exposure to end-user experience.

Live Connect

  • Updated the MacOS VSA Agent to resolve issue with cursor placement in Remote Control related to high-resolution displays.
  • Updated Live Connect desktop client to resolve the issue with the missing URI handler that was used by some third-party integrations.
  • Resolved an issue where the connection failed to restore during the remote control session.

Software Management 

  • Fixed an issue where the wrong language versions of some 3rd party patches were being deployed for machines with Kaseya 2.0 profiles.
Was this article helpful?
0 out of 2 found this helpful
Have more questions? Contact us