October 6, 2020

New features and enhancements:

• Resolved issue registering non-evaluation licenses after using Eval Mode on 2020R1 (Windows 2016) image.

• Resolved issue with Roles Editor error handling when API parameters outside expected values were used.

• Resolved issue with calls that were testing outbound connectivity against the licensing server.

• Resolved several escalation-related critical defects.

Notes:

• This update is available via the BeyondTrust Updater or as a manual installer from the download tool.
• Shipping on new Appliance Images in October 2020.
• The Standalone Roles Editor Installer will remain at version 3.2.1 as there were no related changes in 3.2.3.
• This install is dependent on SUPI 3.0 being installed first (all UVM versions since 3.2.2 have this requirement).

September 3, 2020

New features and enhancements:

• Improved the security update installation workflow with new screens.

• Added support for the new SUPI 3.0 Engine. Added screens for package details and history.

• You can now schedule the installation of SUPI packages.

• The PBW role now retains role settings set by the user and does not overwrite them with policy settings.

• Improved communication between BTUpdater and the UVM Software.

• Added support for BeyondInsight 7.0 database calls.

Known issues:

• Attempting UPLOAD CRYPTO KEY OPTIONS fails with ERROR: Could not find a part of the path.
• Product versions do not display on the LCD Panel.
• High Availability setup does not work if user has custom SSL certs in the UVM certificates store.
• When performing a backup with a remote BeyondInsight database and a local Auditing & Reporting database, there could be an invalid login attempt for SA user looking for BeyondInsightReporting on the remote db.
• When invalid dates are used to schedule a SUPI update, some of the pop-up messages returned are not in a user-friendly format.
• Warning card when not subscribed to SUPI subscriptions is not displayed in a warning banner.
• The Schedule Update card is displaying a radio button of an incorrect size and alignment.
• Odd highlighting can occur when UI items receive focus.
• A SUPI 3.0 radio button and accompanying text are not aligned properly in the GUI.
• A Date Time picker cannot be disabled in the GUI.
• When running a repair on UVM Software, an error is displayed: The specified account already exists.
• When uninstalling, UVM Software Services are not completely removed or not removed at all.
• On the SUPI Updates page, the second failed package is missing failed icon.
• On the SUPI Updates page, any error message past two lines is aligned incorrectly.
• Update Package Name is aligned incorrectly on the Update History page.
• UVM Time on the Schedule a Reboot page shows users the time but not the UVM time.

Notes:

• The Standalone Roles Editor Installer will remain at version 3.2.1 as there were no related changes in 3.2.2.

September 3, 2020

New features and enhancements:

• Added SUPX format packages, which distribute EZPatch packages to make UVM Appliance (environment) changes.

• Added MSUPI format packages, which can distribute Microsoft KB updates or third-party software.

• Converted SUPI Engine/EXE to a service that works the same as the EXE did on 2012-R2.

• Updated the SUPI Service on Server 2016 systems to install KBs without use of the offline scan cab file.

• Added feature to schedule installation of SUPI packages.

• Enhanced SUPI Service on W2016 to install EzPatch/SUPX packages to return installation progress updates.

• Added additional subscriptions to deliver the new update types.

• Supports Legacy SUPI Functionality.

Notes:

• This release will not install to Server 2008 UVMs.
• When installed on a Server 2012 UVM, the following new Subscriptions are added with the install:
  • UVM Supporting Software
  • UVM Environment
• When installed on a Server 2016 UVM, the following new Subscriptions are added with the install:
  • UVM Supporting Software
  • UVM Environment
  • Security patches for SQL 2016
• The desktop SUPI.EXE no longer has a user interface but can still be used at the command prompt to support scripting.
• This installer is a prerequisite to installing UVM Software 3.2.2.

March 12, 2020

New features and enhancements:

• The appliance now boots and is app-and-services ready faster by setting a service health handler.

• UVM Protection policy improvements (file name and service logic).

• As an Administrator, you can now view the UVM Protection Policy Name and creation date in Maintenance to help determine which policy is currently applied.

• The installer and services have been changed from DPAPI to ACL entries in the registry.

• Improved backups; refactored the UVMInterface Version class and added it to the ApplianceSystemDetails service.

• Ported the Rename Machine and IP Settings Functions to the SystemAccessService and the BIAPI Service.

• Improved authentication services code.

• Updated the backup service to run under Backup operators.

• The BeyondTrust EULA is now displayed in the Configuration Wizard.

• Backups are excluded from the transaction logs so that they do not take up space in the backup location; transaction logs are no longer restored.

• The timeouts for restore and data migration functions have been increased.

• Added a check for the Identity Service running state in LegacyDataMigrationJob.

• Added a global dependency check to backup/restore and make plugin dependency checks role-aware.

• If the Administrator account is locked, it is now unlocked when a new password is set.

Issues resolved:

• Resolved an issue in which notification events prior to configuration appeared in the user's notification dropdown.
• Resolved an issue in which an incorrect error was displayed on login pages when a login failure occurred.
• Resolved an issue in which a reboot pending call returned a 404 error on a Roles Editor's login page.
• Resolved an issue in which the Apply Updated Settings button did not appear when Diagnostics was viewed specifically in the Internet Explorer 11 browser.
• Resolved an issue in which the High Availability for Services Only option could not be set for the High Availability Role in the Roles Editor.
• Resolved an issue in which cell spacing for the blue product versions page in the configuration wizard results in unnecessary word wrap or text being displayed out of the cell area.
• Resolved a formatting issue that resulted when the version card was selected on final configuration wizard page.
• Resolved an issue in which pages were not loading properly if the user was on a page for an extended period of time, but not yet at the timeout limit.
• Resolved an issue that caused a double install when running the UVM Software Installer and the UVM was pending reboot.
• Resolved an issue that was preventing the update of a Central Policy password via the UVM UI.
• Resolved an issue with unexpected AM/PM selector behavior experienced when scheduling a backup.
• Resolved an issue during installation in which a delay in removing the Maintenance folder caused a retry prompt.
• Resolved an issue in which service alerts could not be toggled on and off without a page refresh.
• Resolved an issue in which sending a test email did not display a confirmation message in the UI; resized the email address display to fit longer addresses.
• Resolved an issue in which the diagnostics Analyzer tool failed to run a report.
• Resolved an issue in which Services does not restart when a user switches roles back in HA Service Only configuration.
• Resolved an issue in which the message Error finding SQL server path was returned when a 2019-R1 UVM Appliance was renamed.
• Resolved an issue in which BeyondInsight Database Access indicated that there was a local SQL server when the appliance did not actually have one.
• Resolved an issue in which multiple services in existing installs were set to Take No Action on failure.
• Resolved an issue in which the Retina plugin in backups did not include a path for RetinaSetup622.
• Resolved an issue in which passwords were visible in the log file and during processing during a restore.
• Resolved an issue in which a minimum version check broke the automated build pipeline.
• Resolved an issue in which a Check for Available Updates pop-up notification containing visible HTML code was displayed.
• Resolved an issue in which service encryption was impacted after sysprep.
• Resolved an issue that made the Maintenance and Diagnostics pages inaccessible after RADIUS Authentication was enabled but not added to the btadmin account.
• Resolved an issue in which the Roles Editor displayed pending changes after a restore when there were none.
• Resolved an issue that was causing the login page to break because initial access to pre-logon banner settings allowed for invalid settings.
• Resolved an issue in the High Availability application where the Set High Availability and Update Settings buttons were disabled after changing text values on the screen.
• Resolved an issue that caused restore from backup to fail on 2016 UVM.
• Resolved an issue in which backups run after an upgrade to 3.2 failed due to an incorrect database path when attempting to back up the BeyondInsight Analytics and Reporting database.
• Resolved an issue in which backups run after an upgrade to 3.2 failed due to an incorrect database connection when attempting to back up the BeyondInsight Analytics and Reporting database.
• Resolved an issue that caused backups to fail if the Windows UserName was changed.
• Resolved an issue in which BIUL backups were failing with the message Could not find a part of the path.
• Resolved an issue in which Invalid records could be added to a 3.2.0 backup database.
• Corrected the import logic for importing schedules in which it was not checking for an existing backup location.
• Corrected an issue in which backup locations could not be edited or deleted.
• Resolved an issue in which renaming the UVM's admin account without restarting the SQL service can cause backups to fail.
• Resolved an issue in which settings are not saved to the SQLite table if not using an existing location from the backups page.
• Resolved an issue in which existing backups are not detected as candidates when running a restore on a cold spare.
• Resolved an issue in which roles would not load if the SQL Server Service or the SQL Server agent was in a stopped state.
• Resolved an issue in which the login card authentication service was not running an error message.
• Resolved an issue in which failed services did not restart because a dependent service did not start.
• Resolved an issue in which schedule backup notifications were spawning at 12PM instead of 12 AM.
• Resolved an issue in which schedule backup and restore jobs were not getting deleted on scheduled update.
• Resolved an issue in which a Backup Service Account change caused a restore of 3.2.0 backups to fail on 3.2.1.
• Resolved an issue that was causing the backup service to consume a large amount of memory.

Known issues:

• NTP Server is displayed as Local CMOS Clock and reverts to default after setting NTP to none.
• Missing pre-logon banner message should be highlighted in red with warning message consistent with missing banner title.
• A VMWare Tools periodic time sync option is visible both on a physical UVM and Hyper-V UVM, but should not be.
• Button outline for Next button has a separate square outside of the typical click area.
• The Legacy Restore Tool is not signed.
• The Backup Extraction Tool is not signed.
• When Evaluation Mode is available, the serial numbers from the config file will not populate.
• The default SSL bindings cause an issue with World Wide Publishing Services and UVM Services when the customer has custom IP certificate binding.
• The login page comes up without displaying banner messages.
• Resolved an issue in which, because a user saved the Logon Banner settings without all the required fields filled out, loading the logon page would result in the username and password fields not being populated with their labels.
• The Configuration Wizard prerequisite page does not check for the License Processing Service.
• A reference to BT Security Mgmt Appliance application for 3.1.5 is not being removed from the list of installed programs.
• The Trigger Connections Test is disabled on the API Key Maintenance page.
• There is a typo on the Review screen when choosing Evaluation Mode.
• Snackbar notifications prevent clicking any items on either side of popup.
• The BeyondTrust logo on the login page is not displayed in the proper size.
• The top of the first notification is cut off in the notifications list.
• The list of appliance software versions has changed the sort order and the Security Management Appliance version is no longer at the top.
• The Appliance Logs page lists services which no longer exist and is missing some that do.
• Resolved an issue in which the BIUL Role in the Roles Editor would show a previously configured remote BIUL database to be local.
• On a hardware UVM, after applying changes to Service Alerts, the two Apply Changes buttons are disabled until the page has been refreshed.
• Schedule a Reboot items are misaligned at smaller browser sizes.
• The BeyondTrust Appliance API Key Management service crashes unexpectedly.
• The login card does not indicate a reboot is required when there is a pending reboot.
• The Include Session Files in Backup option is unchecked after checking it for the schedule.
• The confirmation message when discarding changes refers to undefined.
• Corrected a typo in a snack bar message that should have read The scheduled appliance reboot has been cleared successfully.
• The Windows license key displayed in Maintenance > Accounts & Licensing is not accurate on the 2016 UVM.
• UVM Interface Log file [INF] items should be [WRN] items.
• Taking a backup using a 3.2.1 build 49 fails on a 2008 R2\SQl 2008 R2 appliance.
• The authentication service doesn't have access to the BeyondInsight database it needs to fully do a RADIUS login.

Notes:

• With this release, there will also be a 3.2.1 Standalone Roles Editor Installer made available for Software Installs.
• This update is available via BeyondTrust Updater or as a manual installer from the download tool. Shipping on new Appliance Images in March 2020.

January 7, 2020

New features and enhancements:

• A plug-in based architecture is now in place for the Backup feature.

• UVM software is available in Evaluation Mode for a 30-day period.

• Rebranded PowerBroker Servers Management Console to BeyondInsight for Unix & Linux.

• A Backup & Restore Migration tool is available to upgrade deprecated UVM appliances.

• If you are running Windows 2008 R1 or R2, then a message is displayed when you log into the UVM software (all apps) indicating the OS has been deprecated and needs to be upgraded.

• The frontend for the web applications is updated to Angular 1.7.

• The Customer Portal option in Maintenance is no longer available as a way to activate serial numbers.

• The Customer Portal option on the Configuration wizard is no longer available as a way to activate serial numbers.

• When going through the Configuration wizard, the option to go to the Roles Editor is no longer available. You can go to the Roles Editor and change settings on roles after you finish the Configuration wizard.

• The option to configure High Availability (HA) is no longer available in the Configuration wizard.

Issues resolved:

• Resolved an issue where services were missing from Health/Services tracking.

Known issues:

• Unable to uninstall Configure Repository Product.
• Cannot update Central Policy password via UVM UI.
• Pre-logon banner has extra space in input field.
• Sometimes the Banner Page login and notification icons remain even when logged out.
• AM/PM selector strange behaviour when scheduling a backup.
• Some backups using a FQDN remain in a state of in progress forever. The log shows that the backup failed.
• Toasters remain after timeout or log out of the UI.

Notes:

• Update is available through BeyondTrust Updater or as a manual installation from the download tool.
• There is a 3.2 Standalone Roles Editor Installer available for Software Installs.

August 27, 2019

Issues resolved:

• Resolved an issue when attempting to perform an HA pair. Database restores longer than 100 seconds would generate a timeout error.

Known issues:

• Cell spacing for the Blue Product versions page in the configuration wizard results in unnecessary word wrap or text being displayed out of cell area.
• Formatting issues occur when the version card is selected on the final configuration wizard page.
• References to Retina have not been updated to BeyondTrust Security Scanner.
• SMTP values are not lined up properly in the configuration wizard.
• The Maintenance > General Settings > Date/time button does not function.
• The message "Patch Management: Service eEyeThirdPArtyPatchService2k12 was not found on computer" is received when changing Roles Templates.
• The Appliance Software Version tile appears empty.

Notes:

• Update is available through BeyondTrust Updater or as a manual installation from the download tool.
• The Standalone Roles Editor and UVMSQL installers have not been updated as the above issue does not impact those installs.

June 18, 2019

New features and enhancements:

• Extra data included in the exported role template file.
• Input data not being sanitized.
• PBSMC Role does not display with fresh install of 9.0.0 (not an upgrade).
• Maintenance page does not show version for PBSMC/BIUL after a fresh install.
• Unauthenticated API call returning version information.
• Updated the UVM installer and software to be compatible with Windows 2016.
• Retrofitted the UVM software to disable features not used by the UVMSQL Appliance.
• Added code signing for five .NET Core 2.1 projects.
• Removed the use of the haadmin account.
• Updated UVM management software to support Windows 2016 and SQL 2016.
• Created upgrade path for previously installed licenses.
• Created a PowerBroker for Windows Protection role.
• Rebranded many areas of the user interface.
• Updated builds to sign with the latest certificate.
• Migrated API key information into the version 3.0 API key service.
• Refactored the Template Import to apply validation prior to populating the Draft view.
• Added logic to allow upgrades between builds.

Known issues:

• Certificates created on February 29th (leap year day) are invalid.
• Unable to bitlocker c:\ on 20 or 50 (TPM not enabled).
• On all pages, the Next button does not enable until unblur.
• Favicon not present (MS Edge Only).
• Cannot press Enter to select buttons (space works).
• Page jumps around when trying to scroll down (MS Edge).
• Disabled checkbox is ever so slightly different size than enabled.
• When pressing tab through a page there is no indication of currently being on a radio button (network page).
• When on step 8, step 9 is valid so progress shows as 90%.
• Home and End keys do not function for intended purpose within a text box.
• Time picker does not allow input of two digits when specifying the time (Safari).
• Appliance Discovery Tools returns "Error: The appliance did not respond" when changing the IP but IP change was successful.
• Auto redirect to diagnostics when configuration wizard completes does not work on Safari.
• Password Safe portal error connecting to Active/Active SQL server.
• eEye Digital Program Folder listing restored to Start Menu programs after BI update.
• In Diagnostics, there should be a warning if CAPS LOCK is on when logging in.
• EventServer generating Service alerts on HA Secondary saying it was terminated unexpectedly.
• "Configure Notifications" or "View all notifications" pages do not allow clicking the previous page through the navigation menu.
• Machine reboot after rename is recorded as an unexpected shutdown and displays a prompt at next logon.
• Unnecessary word wrap for creating database line item.
• The username is no longer displayed when you click on the profile icon on the header.
• New machine name in URL fields are not being applied to BI (REMEMConfig).
• Syncit Update errors on non-configured UVM.
• If a backup is taking a while and the page times out (user does not extend session) the backup progress indication is lost (backup still completes though).
• Time Zone, date, and time picker in config wizard do not display a default value in Azure (deployed as UTC).
• Plugging in another USB device when on a specific menu on the LCD screen will cause the LCD to bump back to the main screen.
• Color Blind settings do not work.
• Change how EULA's are returned in Config Wizard - MIM potential with http injection.
• Page not designed for Portrait layout print option for optimal viewing.
• Shutting off the BeyondTrust UVM Service will shut off Diagnostics.
• An underscore is displayed in the selected counter.
• Dashboard graph shows nothing (no faded color of graph) when SQL Mem/Disk/CPU Usage is 0%.
• BT Header does not always display on release notes page.
• Weekly CPU performance data may already contain data on new images.
• Some inconsistent formatting is presented in the MS/SQL/BT EULAs.
• Unable to RDP to UVM when FIPS is enabled.
• CSP errors returned on HA page for exclamation mark image on toaster.
• The "Apply Pending Changes" is slow to complete when applying any change to a role (noticeably slower than UVM performance).
• when a role is disabled, the tile is black and the white font in the Name is not visible.
• When changing product serial numbers an error message displays duplicate messages.
• On the license version, a value of "Unknown" is not right-aligned like a numerical version.
• Invalid name space error returned on config wizard.
• Refreshing the Analytics And Reporting Web Service Endpoints fails on UVM's running SQL 2008R2.
• BI database initialization fails on 2014R4 image.
• There are timeouts with some lics but not others.
• Unable to view the complete text of a notification.
• After running configuration wizard the BI URLs still show the old machine name.
• In Azure, Spectre/Meltdown card not showing UVM as patched, even though it is.
• Unable to use Emergency Recovery tool when password has been set to blank.
• HA and session archiving fail when SHA is disabled.
• Stopping the BTUpdater service results in it being displayed twice on the stopped services side.
• There is a large white space area in log export card.
• Opening any page on UVM seems to cause a shake effect, more-so on right side of page.
• When enabling a role, the spinner is not long enough and the pending state change page takes too long to return to normal.
• Large numbers in the performance counters are right-aligning.
• Apply Security Updates doesn't always trigger the supi.exe file.
• PowerBroker for Windows Importer checkbox does not work.
• Internet Explorer screen rendering not sizing correctly.
• Inverse Colors setting does not display the tools' labels.
• Enterprise Update Server Role displays as enabled during config wizard.
• No feedback is available for status of database creation once browser window is closed.
• Remote MultiSubnet for Database Creation page defaults to ON.
• Minimal formatting on the database creation page success pop-up dialog.
• ApplianceInformation API call was added to Maintenance and Diagnostics pages pre-login but was not removed once new method was used for populating menu.
• Under Diagnostic Tools, Internet Explorer does not render the screen size correctly.
• Under Settings Tools, the Inverse Colors setting does not display the Tools labels.
• The Enterprise Update Server role displays as Enabled in the configuration wizard.
• Once the browser window is closed, no feedback is not provided about the status of database creation.
• The Remote MultiSubnet option on the Database Creation page defaults to ON.
• There is minimal formatting on the Database Creation page for the success dialog.
• The ApplianceInformation API call still appears on the Maintenance and Diagnostics pages before login.

Notes:

• Update is available through BeyondTrust Updater or as a manual installation from the download tool.
• With this release, there is not a 3.1.2 Standalone Roles Editor available for software installation.
• The 3.0.4 installer was released exclusively to UVMSQL appliances. The 3.1.2 installer is the first 3.x installation for regular UVM users.

May 14, 2019

New features and enhancements:

• Updated the UVM installer and software to be compatible with Windows 2016.
• Retrofitted the UVM software to disable features not used by the UVMSQL Appliance.
• Added code signing for five .NET Core 2.1 projects.
• Removed the use of the haadmin account.
• Updated UVM management software to support Windows 2016 and SQL 2016.
• Created upgrade path for previously installed licenses.
• Created a PowerBroker for Windows Protection role.
• Rebranded many areas of the user interface.
• Updated builds to sign with the latest certificate.
• Migrated API key information into the version 3.0 API key service.
• Refactored the Template Import to apply validation prior to populating the Draft view.
• Added logic to allow upgrades between builds.

Known issues:

• Under Diagnostic Tools, Internet Explorer does not render the screen size correctly.
• Under Settings Tools, the Inverse Colors setting does not display the Tools labels.
• The Enterprise Update Server role displays as Enabled in the configuration wizard.
• Once the browser window is closed, no feedback is not provided about the status of database creation.
• The Remote MultiSubnet option on the Database Creation page defaults to ON.
• There is minimal formatting on the Database Creation page for the success dialog.
• The ApplianceInformation API call still appears on the Maintenance and Diagnostics pages before login.

Notes:

• Update is available through BeyondTrust Updater or as a manual installation from the download tool.
• With this release, there is not a 3.1.2 Standalone Roles Editor available for software installation.
• The 3.0.4 installer was released exclusively to UVMSQL appliances. The 3.1.2 installer is the first 3.x installation for regular UVM users.

May 14, 2019

New Appliance Image:

• Created new 2016 images for all UVM appliances.
• Created a new BTAdmin account .
• Identified new local policy settings to meet the 2016 CIS benchmarks.
• Created new a hardening process with new local policies and new FIM rules.
• Added ability for Windows Defender to be installed and configured from BeyondTrust Updater as well as receive updates from BeyondTrust Updater.
• Set Windows Event Logs retention policy and archiving.
• Updated protection to be provided by Windows Defender and PowerBroker for Windows.
• Configured PowerBroker for Windows events data from the Notifications page to be sent to BeyondInsight.
• Modified PowerBroker for Windows policies to allow SQL Server service shutdowns.
• Updated PowerBroker for Windows to push updates to the default policy for all UVM appliances.
• Updated the firewall listing and included the list as a part of the hardening process.
• Edited the Windows Firewall configuration to allow inbound port 2383 on UVM’s with SQL Server.

Notes:

• New appliances will ship with this image starting May 2019.

March 12, 2019

New features and enhancements:

• Now purging MSSQL Server install logs prior to shipping.
• Now purging SyncIt items prior to shipping.
• Created a new 2020-R1 image with UVM 3.2 & BeyondInsight 6.10 pre-installed.
• Added finished building image pop-up that provides next steps when reimaging.
• Updated UVM Protection Policy subscription on base image.
• Removed SQL license option in post deployment script.
• Added installation of SUPI packages to post deployment scripts (after downloads complete).
• Removed SQL Server 2017 Start Menu Items.
• Created build automation to create new UVM image from scratch.
• Moved application of hardening from build pipeline to postdeploy scripts.
• Removed UVMSQL option from builduvm.bat menu.
• Added Azure AD PS module to base image.
• Added SUPI installation to Automated Image.

Issues resolved:

• Resolved an issue in which the Firewall for UVMSQL and UVM manual images had folder path for SQL2014 instead of SQL2016.
• Resolved an issue that caused the screen to flicker when running Prepare for shipping.bat.
• Resolved an issue in which the Analytics & Reporting User, Content Manager, and Browser roles were not set.
• Resolved an issue in which there were duplicate firewall entries on sqlFree image.
• Resolved an issue in which the Event Server firewall rule had an incorrect folder path.
• Resolved an issue in which the deploy scripts attempted to set the startup type for the BIUL service when it was no longer required.
• Resolved an issue in which the user was unable to access C: drive on some UVMs and received the message C:\ is not accessible. Access is denied.
• Resolved an issue in which the AWS firewall rules appeared on the sqlFree image.
• Resolved an issue in which the Virtual Image disk is not large enough.
• Resolved an issue in which btMonthlyMaintenance SQL job was missing.
• Resolved an issue in which the post deploy script was interrupted with a prompt to shut down the SQL Server Launchpad service.
• Resolved an issue in which the user was getting an Access Denied to c:\ error on hardware UVMs only.