Remote Support 24.3.2 release notes
about 1 month ago by Jenny
February 4, 2025
Requirements
- Requires Base 7.3.0.
- Requires ECM 1.6.2.
- Requires Integration Client 1.7.3.
- Supports upgrades from RS 23.3.5+.
- Before upgrading, ensure any SSL certificates used are either from a trusted Certificate Authority, or, for self-signed certificates, the certificate is either trusted on all endpoints or explicitly included in their installation.
Issues resolved
Important
This release includes important security fixes.
- Resolved issues from security advisory BT24-10 , CVE-2024-12356
- Resolved issues from security advisory BT24-11 , CVE-2024-12686
For more information, see BeyondTrust Remote Support SaaS Service Security Investigation.
| Product Area | Description | Resolution |
|---|---|---|
| Exit survey | When customers did not select an item from a dropdown menu in the exit survey, all options were displayed in the report. Additionally, the dropdown options were shown as a list of all options rather than a dropdown menu. This occurred after editing the dropdown question to enable "Allow Multiple Selections," saving, and then disabling "Allow Multiple Selections." | Dropdowns now display correctly. If the customer does not select an option, the default selection for the dropdown is now logged in the report. |
| Android and iOS customer client | When attempting to start a session using issue submission in the Android or iOS customer client, the error "Invalid session key" is displayed. | Sessions initiated using issue submission now start correctly. |
| RDP | RDP authentication would fail when network level authentication (NLA) was turned off and the SecurityLayer registry key was set to 0. The customer would receive the error "RDP authentication failed" when attempting to connect. | RDP authentication now works as expected. |
| Jumpoints | Linux Jumpoints were not upgrading when using the ./init-script start command. Even after manually starting the Jumpoint, the upgrade process would run for a few minutes but then fail, with the administrative interface never showing the Jumpoint as coming online. | The issue was resolved by addressing the upgrade process, allowing Linux Jumpoints to upgrade correctly when using ./init-script start. The Jumpoints now successfully update and appear online as expected. |
| Jumpoints | Jump Zone Proxy information was not correctly propagated when deploying a new Jump Client configured for a Jump Zone Proxy. After an upgrade, all Jump Clients connecting through a Jump Zone Proxy remained offline and stuck in a pending upgrade state. | The underlying issue was addressed, and the proxy configuration migration from NSIS to MSI now correctly writes to the expected section in the proxy.ini file. |
| Stability | Unresolved issues were causing various failures. | Fixes have been applied to address the reported issues and ensure stability. |
| Jump Clients | The migration algorithm that consolidates multiple installations on a machine into copies of a single installed Jump Client was overly aggressive, incorrectly merging machines. | The algorithm now considers both the hardware ID and software ID, along with the system’s reported MAC addresses, to determine which Jump Clients belong to the same machine. Additionally, Jump Clients that have been offline significantly longer than their potential merge counterpart will no longer be consolidated, preventing the unintended resurrection of inactive Jump Client entries. |
| Jump Clients | The Jump Client service intermittently stopped when a laptop went to sleep, hibernated, or switched between wired and Wi-Fi connections. When this occurred, the service error, "The drive cannot find the sector requested" appeared in the event log, and the Jump Client showed as offline in the access console. | The Jump Client now remains online as expected. |
| Jumpoints | Ad-hoc Jump sessions failed to work after an upgrade from 24.2, though they functioned on fresh installs. The issue was caused by URL associations unintentionally being removed. | A fix has been applied to re-create the necessary URL associations if removal occurs during the upgrade. |
| Representative console | After upgrading to 24.3.1, the Console User field displayed the full name instead of the account username on Windows endpoints, preventing user searches by username. | The Console User field now uses the correct method, ensuring that usernames are consistently displayed across all platforms. |
| Public site | Display fields and customer notices for issue submission were overridden by the default public site settings, causing all public sites to display the same fields and notices incorrectly. | Each public site now correctly displays its designated fields and customer notices, ensuring that site-specific settings are applied as expected. |
| Login | FIDO2 logins stopped working in Firefox on Mac and Linux because a detection method used to verify CTAP2 support was removed. | The detection method has been updated, allowing passwordless FIDO2 logins to function correctly in Firefox on Mac and Linux. |
| Jump Clients | Upgrading to 24.3 could leave the database in a state that caused high CPU usage, slowing site performance while remaining functional. If a customer had an "Uninstalled" Windows Jump Client and later installed a new Jump Client, the upgrade incorrectly grouped them as copies. This unusual database state led to repeatedly syncing the Jump Clients in an endless loop. | A fix was implemented to update the restore-script SQL, ensuring uninstalled Jump Clients are ignored when grouping multiple installations. Additionally, logic was added to ungroup uninstalled clients from installed ones during startup.. |
| Stability | Client-initiated disconnects were causing Redis to retain stale client-to-server and client-to-subscriber mappings, leading to a slow memory leak. | The disconnect process now properly cleans up cached details. A housekeeping loop has been added to remove dead connections and subscribers, ensuring efficient memory management. |