Resolved a local privilege escalation flaw (CVE-2017-12410) - a Time of Check & Time of Use (TOCTOU) flaw exists within the VSA agent on the endpoint where a user can take advantage of a rare condition, which could result in executing code with system privileges. The likelihood of practical exploit is low. This flaw cannot be executed remotely and requires that an attacker has already compromised the underlying machine gaining local control of the endpoint with the ability to execute their own code. (NINEFOURPT-892/EES-1771)
Retired a number of legacy web application pages. (NINEFOURPT-862/SDP-4323)
Virtual System Administrator™
Corrected an issue which, under some circumstances, would cause the Edge Services to crash during shutdown. (NINEFOURPT-868/EES-2487)
Corrected an issue limited to new VSA 9.4 installs where the vSystemInfoManual view ends up missing when creating custom fields. (NINEFOURPT-704/SDP-2811)
Added support for Storage only as a tenant option in VSA multi-tenancy configurations (NINEFOURPT-822/APPF-2744)
Improved page load performance in Agent > Agents > Manage Agents allowing quicker data population across a large number of agents and machine groups. (NINEFOURPT-890/APPF-3311)
Agent
The agent version is updated to 9.4.0.17. (NINEFOURPT-888)
Fixed a discrepancy where agents’ last reboot times on the VSA differed from their actual reboot times. (NINEFOURPT-854/EES-1623)
Resolved an issue where if archiving is enabled, log tables were not purged from the database. (NINEFOURPT-836/SDP-3949)
Live Connect
Corrected the misaligned loader and miscellaneous symbols in the header. (NINEFOURPT-827/AF-3328)
The Filtered View option now allows you to search, apply, and remove views reliably. (NINEFOURPT-844/AF-2918).
The Live Connect launcher on the VSA is now updated to improve user experience. It will no longer require successful connection to the endpoint nor claim that you may not have Live Connect installed. The end result is a more seamless launch. (NINEFOURPT-637/AF-2611)
End users directed to the Live Connect on Demand page (/gethelp) will end up redirected to HTTP despite SSL being enforced on the VSA server. This has been corrected to enforce SSL at all times. (NINEFOURPT-799/SDP-3897)
Policy Management
Fixed an issue with compliance checking so it doesn’t mark policy as out-of-compliance if it contains a scheduled agent procedure. (NINEFOURPT-850/SDP-4100) (NINEFOURPT-893/SDP-4452)
Patch schedules will now properly handle monthly recurring schedules and keep original start dates across multiple creation instances. (NINEFOURPT-794/SDP-3285)
Discovery
Corrected a query that would fail to insert a discovered device’s MAC address despite having picked up the correct MAC address. (NINEFOURPT-763/DISMON-1626)
Fixed an issue where, under some circumstances, alarms for Domain Watch were not functioning correctly. (NINEFOURPT-771/DISMON-1463)
Network Monitoring
Fixed an issue with Mail Server QOS monitor reporting round trip time incorrectly if the time zone was not in UTC. (NINEFOURPT-815/EES-2074)
Attempting to add an asset to a network node would result in an error. This is now corrected. (NINEFOURPT-465/DISMON-2205)
Monitoring
Unassigning a policy containing monitor sets would result in not properly deleting monitor objects on the agent end. This has been corrected. (NINEFOURPT-693/DISMON-978)
Resolved an issue associated with certain custom object (MIB) files where checkboxes would be missing preventing it from being uploaded. (NINEFOURPT-698/DISMON-1165)
Service Desk
Service Desk will no longer automatically send out e-mails to submitters if only user names are entered as part of the Submitter details. (NINEFOURPT-784/EXT-3391)
Ticketing
Fixed an issue where the Ticket Notes UI would block attachment downloads. (NINEFOURPT-834/EXT-3366)
Fixed an issue where splitting tickets caused two entries in both tickets. (NINEFOURPT-830/EXT-1938)
Fixed an issue associated with ticketing where the creator’s name returns empty. (NINEFOURPT-788/EXT-3322)
Software Management
Corrected the link of the Help button to accurately direct to VSA 9.4 documentation. (NINEFOURPT-886/SDP-4401)
Patch Management
Corrected an issue where in some cases patch management would not properly retrieve and deploy updates on freshly installed operating systems. (NINEFOURPT-675/SDP-3637)
Antivirus
Corrected an instance where no errors are reported back to the VSA server when KAV tasks fail on the endpoint due to a specific missing registry key. (NINEFOURPT-776/EXT-2744)
Fixed an issue where certain KAV profile assignments would fail due to a null value. (NINEFOURPT-807/EXT-2148)
Compliance is checked against only online agents so policies are not forced to re-apply on offline agents causing them to reschedule scans. (NINEFOURPT-775/EXT-3400)
Cloud Backup
The Acronis Cloud Backup agent version is updated to 12.0.4492. (NINEFOURPT-744/EXT-3424)
Having a filter set such as Last Backup Status and Installed On while attempting to click on Manage Backups will no longer throw an invalid column name error. (NINEFOURPT-773/EXT-3191)
Implemented automatic logging and cleanup of bad data so subsequent Cloud Backup alerts would not be prevented from being sent. (NINEFOURPT-781/EXT-3304)
Data Backup
Updated Support for Windows Server 2016. (NINEFOURPT-544/EXT-2453)
InfoCenter
Added a new report part that publishes Live Connect-specific actions from Agent Logs > Technician Logs > Live Connect. (NINEFOURPT-855/SDP-4288)
AuthAnvil
Server and agent alerts will now save properly if the alert is deselected and an invalid e-mail list was previously inputted into the e-mail recipients list. (NINEFOURPT-609/IAMV-5966)
API
Fixed an issue where the REST API returned a null Asset ID for Service Desk tickets. (NINEFOURPT-711/EXT-3299)
Fixed an issue where Put calls to system/orgs/{orgId} were not able to update organization custom fields. (NINEFOURPT-835/APPF-3041)
