A security vulnerability was removed: CVE-2015-2862 - Improper Limitation of Pathname to a Restricted Directory - An authenticated user can send a specially crafted HTTP message to traverse directories and download arbitrary files from the server hosting the VSA software. (IP-848/SVE-2332)
A security vulnerability was removed: CVE-2015-2863 Kaseya Virtual System Administrator (VSA) versions V7.x, R8.x and R9.x contain an open redirect vulnerability. An attacker may be able to leverage users' trust in the domain to induce them to click a link to a Kaseya server with special parameters and then be redirected to a site with malicious content. (IP-859/SVE-2333)
Anti-Malware (Classic)
Fixed an issue that prevented AntiMalware scans scheduled by AntiMalware policy to be executed. This fix also addresses an issue with the display of scan results. (IP-460/SVE-798)
Antivirus (Classic)
Added a fix that ensures the Kaspersky installer downloads to the VSA after the Antivirus module is installed, even if the download is interrupted. (IP-584/SVE-1869)
