Welcome to Kaseya Customer Support!

Kaseya provides professional support worldwide augmented by a searchable knowledge base available 24x7x365.

The Kaseya Knowledge Base
For immediate answers to your technical questions please utilize the Kaseya Knowledge Base. The Kaseya Knowledge Base (KKB) includes a wealth of articles and information to help support you in your installation and usage of the Kaseya IT Automation Framework
If you can't find a solution to your problem in our Knowledge base, you can submit a ticket

 
 

Kaseya

Amado Hidalgo 10 Apr 1 Community / Announcements

A vulnerability in OpenSSL has been recently announced.  Specifically, the (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.


Please see the following links for publicly disclosed details on the OpenSSL Vulnerability:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
http://www.kb.cert.org/vuls/id/720951

 

Kaseya has reviewed our product offerings in relation to the vulnerability as follows:

Kaseya Virtual Systems Administrator (VSA)
This product does not make use of the affected OpenSSL versions/protocols described in vulnerability CVE-2014-0160.

Kaseya Traverse
This product does not make use of the affected OpenSSL versions/protocols described in vulnerability CVE-2014-0160.

Kaseya Network Monitor (KNM)
This product does not make use of the affected OpenSSL versions/protocols described in vulnerability CVE-2014-0160.

Kaseya 365Command
This product does not make use of the affected OpenSSL versions/protocols described in vulnerability CVE-2014-0160.

Kaseya BYOD Suite
The BYOD Suite had utilized an affected version of OpenSSL for some of its functionality.  We are currently updating the system to the latest version of OpenSSL (which is not affected).  An updated notification will be posted shortly when our update is complete.

Amado Hidalgo 24 Mar Community / Announcements

Dear Valued Kaseya Customer,

We are writing to let you know that several Kaseya customers have been targeted in attacks in which attempts have been made to deploy ‘Litecoin’ mining malware, in some cases successfully. We have investigated these reports and discovered that an application vulnerability was exploited to compromise the ‘kaseyasupport’, ‘KTest’ or ‘SupportTest’ account(s). Using those accounts the attacker deployed the malware to end-user machines using an agent procedure.

While the malware may have allowed the unknown attacker to access end point systems that may contain sensitive data elements, we have seen nothing to suggest that this malware was harvesting personal, financial, or any other kind of sensitive information, or that any individual’s information has been misused as a result of this attack. The actions taken by the attacker appear to be a Litecoin mining operation only, aimed at generating this digital currency.

We have developed and published a patch for both the 6.3 (Patch 6.3.6, Hotfix #8813) and 6.5 (patch 6.5.0.9) releases of Kaseya Virtual System Administrator (VSA) to address this vulnerability, and our SaaS systems have already been patched.

Below is a link to the patch release notes and installation instructions for 6.5 and 6.3 Patch Releases: http://help.kaseya.com/WebHelp/EN/RN/index.asp#PatchReleaseNotes.htm

For 6.3 users, Kaseya Support also has a manually installable individual patch available for those who need it.

If you are a Kaseya VSA on-premise customer, please install these patches as soon as possible to protect your environment. If you are unable to deploy these patches immediately, or are running a VSA release prior to 6.3, please delete the “kaseyasupport” account and do not enable it until you’ve upgraded to the latest release and applied the latest patches. Also, please delete any other currently unused accounts that exist on your server that may have been created historically.

We also recommend that all Kaseya VSA customers, on-premise and SaaS, determine whether the malware has been installed on your system. The signature of this malware is a process running ‘SoftwareUpdate.exe’, version 1.0.0.0, and the file description is 'Apple Software Update’. Please run an audit across all of your endpoints for this executable name and version number to determine whether the malware is present. Instructions to assist you in running this audit are provided in the following Knowledge Base article: https://helpdesk.kaseya.com/entries/46371906

If you determine from the audit that the malware is present in your environment and you need help in removing it, please open a ticket with Kaseya Support using the keyword LCCLEAN in the description. A script is available from Support that can be customized to your environment to assist you in removing the malware efficiently.

As a reminder, you should always ensure that every administrator account password is changed regularly, and that strong passwords are always required.

If you no longer have a current maintenance agreement or subscription, please contact your account manager or send an email to sales@kaseya.com.

Kaseya is committed to quality and security in our products as well as to maintaining transparency in our communications with our customer base. Proactive investigation and remediation of this issue is a top priority for us. Thank you for working with us to ensure this is completed quickly. 

If you have questions or require further assistance, please contact your account representative or open a ticket with Kaseya Support using the keyword LCCLEAN in the description.

 

Sincerely,

Mark Combs

COO, Kaseya

David Brown 18 December 2013 App Infrastructure / Install/Update

QUESTION

I am interested in installing, or am going to upgrade to, the new Kaseya version 6.5. Is there any documentation and checklist I need to follow?

ANSWER

Below you will find documentation for version 6.5 as well as a pre- and post-install checklist.

Pre-Install Checklist

  • Ensure the server meets system requirements, as above. Note: Windows Server 2003 and SQL 2005 and below are not supported.
  • Non-Internet Installs: If your Kaseya Server has no Internet access, please see this article.
  • Disable or uninstall any anti-virus that may be running on the new server during the upgrade process. Anti-virus can interfere with the installation of Kaseya as it can block and/or lock files during the installation process. After the installation of Kaseya we recommend to set exclusions for the entire Kaseya directory (typically C:\Kaseya).
  • As with any software upgrade we recommend having a full backup of your ksubscribers database as well as Kaseya directories. More details are available in the installation guide above.

Post-Install Checklist

  • Verify you are able to update agents. (Note, no more than 100 agents should be updated at the same time. Please stagger accordingly to prevent performance issues.)
  • Verify reports are working
  • Verify Kaseya Live Connect (KLC) works

If you have any other issues after the upgrade, please log a Support ticket at https://helpdesk.kaseya.com  indicating clearly in the Summary line that you are upgrading to v6.5. We will need the Install log. Please ZIP and send everything in the Windows directory beginning with "Kaseya". All the install logs are in the format ofC:\Windows\Kaseyaxxxxxxxxx

 

MORE INFORMATION

Kaseya Software Roadmap: http://community.kaseya.com/p/roadmap.aspx

 

APPLIES TO

Kaseya Server v6.5 On Premise only

 

Overview | Recent