Note: 9.5.11a includes all content from 9.5.11 combined with some additional enhancements and quality improvements. This page lists changes delivered in both releases.
The VSA 9.5.11a release includes enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.
Release Schedule
- Scaled SaaS Deployment - Saturday, May 14th
- General Availability (On-Prem customers) - Wednesday, May 18th
- Full SaaS Deployment - Sunday, May 22nd
Note: SaaS customers will be informed of their maintenance window via https://status.kaseya.net.
Dates are subject to change at short notice. On-prem customers are advised to check this page again prior to attempting an upgrade.
Critical Security Updates
This release contains important security updates. We recommend that on-premises customers update to this release as soon as possible (No action is required for SaaS customers as updates are automatically applied).
- Fixed a potential Javascript injection vulnerability.
- Strengthened cryptography used for storing hashed API Personal Access Tokens.
- Fixed an issue where sensitive information related to a 3rd party integration was exposed in a web server response for authenticated VSA users.
- Fixed a potential reflected cross-site scripting (XSS) vulnerability.
- Strengthened file upload controls to prevent the arbitrary upload of files to Managed Files area by authenticated users.
Discovery
Custom Device Types!
- We understand that you want your RMM to reflect reality. Based on this, we have added support for custom device types within VSA. By navigating to Discovery>Discovered Devices and using the existing “Change Type” workflow you will be able to select “New Device Type” and provide any new device type that you want to use. If you ever get tired of a previously created custom device type (or make a typo) you can ‘empty’ it by migrating any associated devices and it will be automatically cleaned up by VSA.
- Custom Device Types don’t only exist in VSA, they will be retained in any Kaseya integrations you have configured.
Domain Watch enhanced to support Azure Active Directory!
Azure Active Directory Object Discovery: We are excited to share that the existing Discovery>Domain Watch module has been enhanced to support Azure Active Directory. By providing VSA with an Azure credential, it will automatically discover your Azure Active Directory domains and populate them within Domain Watch. Once you select an Azure Domain, provide filtering within Azure Settings, and enable the domain, VSA will automatically discover all your Azure Active Directory Users, Computers, Groups, and Administrative Units and enable policy management.
Azure Active Directory Agent Deployment for Computers: Deploying agents to existing computers has never been easier. Just define an Agent Deployment policy within the tab after selecting an Azure domain within Domain Watch and VSA will take care of the heavy lifting! Manual agent deployment is also available within Discovery>Computers by using the Deploy Agent button.
Log in using Azure credentials: Want to use your Azure credentials to log into VSA? Don’t worry, it’s easy. Just create a new VSA user within the Domain Watch>Policies>Users tab and log in using the ‘Login with Microsoft’ button on the VSA login screen.
Azure Domain User Management: Basic Azure user management including enabling, disabling, and resetting passwords is available within Discovery>Domains>Users.
Azure Alerting Profiles: The ability to surface and manage alarms, tickets, and e-mails on behalf of Azure objects is configurable in the Discovery>Domain Watch>Alerting Profiles tab.
..more: While we are excited to launch our support for Azure Active Directory, we can’t share everything here. We encourage you to check out the Discovery>Domain Watch module including the Policies tab.
Software Management
- In this release, we have added the Patches Pending Review column to the profile list in the Patch Approval.
- In this release, we have added an option to schedule a reboot after deployment. You can choose one or several days within the week to execute the reboot action. The reboot action will be executed only if needed, according to the patch deployment procedure.
The new option is added to the Deployment profile form: in the Reboot Options block, there is a new select box «Perform Reboot Action» with values «On Schedule», and «Immediately» (default).
If the Perform Reboot Action is set to On Schedule, the reboot procedure will run at the closest day/ time after deployment. If the scheduled reboot failed to run VSA will try to run it during the next available scheduled day/time. - In this release, we have added an option to remove the minimum restriction on the «Distribution window» parameter within the Deployment profile. The option is available for server administrators as a checkbox “Software Management: Enable Minimum Distribution Window to 1 hour“on the System > Server Management > Configure page.
By default, the option is turned on. VSA team recommends keeping this option checked, otherwise, the server performance could be significantly degraded during the patch deployment process.
Enhancements
Cloud Backup
- In this release, we have certified support for Cloud Backup with two-factor authentication (2FA) enabled on the Acronis tenant, provided that the account used for the integration has been configured as a service account. Configuration details can be found in this KB article - https://helpdesk.kaseya.com/hc/en-gb/articles/4931052358417
Passly (Authanvil) Integration
- Authanvil > Two Factor Auth > Agent Procedure Approval page has been updated to accept multiple VSA users with a comma-separated list. All specified users may approve their own Agent Procedures using their Passly Authenticator, provided their User Role has the “Approve Using Authanvil” right.
Policy Management
- Removed deprecated “Legacy Remote Control Log” checkbox from the log history section of the policy view.
Remote Control App
- Updated Live Connect's desktop resolution scaling feature with a slider to adjust the scaling factor.
- Updated Live Connect with a button to prevent the end-user from viewing any screen activity during a remote-control session (Windows-only).
REST API
In this release, we have added the following new REST API routes:
- Return managed variables with their values - GET /api/v1.0/automation/variables
- Return disk volume information – GET api/v1.0/assetmgmt/audit/hardware/diskvolumes/all
- Create new ticket in Service Desk - POST api/v1.0/automation/servicedesktickets/{ServiceDeskId}/ticket
Service Desk
This release adds support for OAuth 2.0 authentication to Service Desk Email Reader, allowing secure authentication to email platforms such as Office 365.
- When adding or editing an Email Reader, you can now enable OAuth 2.0 authentication and enter Application and Directory IDs: -
- OAuth 2.0 authentication can be enabled with POP3 or IMAP Transport.
User Portal
- End-users who submit tickets to Service Desk via User Portal can now select up to 4 levels of categorization (Category + 4 levels of sub-category) as defined in the desk definition.
- Known issue: If Service Desk does not have all 5 levels defined, User Portal shows one non-defined category as available for selection, but containing no values. This will be corrected in the next release.
- Known issue: If Service Desk does not have all 5 levels defined, User Portal shows one non-defined category as available for selection, but containing no values. This will be corrected in the next release.
Bug Fixes
- Fixed an issue where duplicate items were being displayed in the VSA left navigation menu.
Agent App
- Fixed an issue where "K" branded MacOS Agent icons with generic icons are replaced.
Agent Module
- Fixed an issue where “All workstations” or “All Servers” views that were last edited prior to 9.5.9 were not showing Windows 11 or Server 2022 machines. Affected views will now be automatically updated during the patch installation process.
Authentication
- Fixed an issue where the customized title entered on the System > Customize > Site Customization page was not reflected on the login page.
Discovery
- Fixed an issue where Network Discovery scans in some environments would get stuck in a “Performing Deep Scan” status and would never complete.
Monitoring
- Fixed an issue in Monitoring> Dashboard>Dashboard List> Classic Console>Group Alarm Status where the Oops page was displayed after clicking on any group.
Authanvil(Passly) Integration
- Fixed an issue where the user was directed to an “Oops” page after clicking the Save button at the time of server configuration.
Remote Control Module
- Fixed issue on Control Machines page where column filter was not displaying incorrectly after search results load.
- Fixed error when contact information is changed in User Portal on Control Machines page and Agent machine at the same time.
Rest API
- Fixed an issue where customers were unable to use domain credentials for API authentication.
- Fixed an issue where the agent status was not correctly displayed in the search bar of the new user interface.
- Fixed an issue where the Rest API call GET /automation/servicedesktickets/{ticketId}/notes were not returning in response to the actual Time entered on an “AddNoteWith” Time entry.
- Fixed an issue where API request to GET /api/v1.5/discovery/networks would not return networks without a probe assigned.
Service Desk
- Fixed an issue where the Email Reader was using TLS v1.0 instead of v1.2 for IMAP and POP3 protocols.
Software Management
- Fixed an issue where auto-scan was not running after the scheduled reboot.
- Fixed an issue where 3rd-Party Software deployment was not working if 3rd-Party Software 2.0 profile was not assigned to the machine.
- Fixed an issue where the machine-affected number was not matching the vulnerable machine count.
- Fixed an issue where the cron logic was not working on the last weekday deployment.
- Fixed an issue where Patch Approval events could be logged against the wrong tenant in Software Management > Application Logging.
User Portal
- Fixed issue with BMS integration where asset contact was appearing in the additional contact records in notes.
UI/UX
- Fixed issue with incorrect Agent Status icons appearing in Search Machines results for specific states.
- Fixed issue with vertical scrollbar not being displayed when switching between User Roles and Scopes when 20+ items are present.
- Fixed issue with incorrect Agent Status icons appearing in Search Machines results, list, and in the Control Machines page in Remote Control module.
- Fixed an issue where the cursor was not automatically focused on the Search for Machines field when expanded.