Articles in this section

See more

JetPatch Release Notes 4.2.4

Important Note: If upgrading from 4.1.2 or before, please read the 4.2.3 release notes.

Version: 4.2.4.137 + Connector 4.2.4.215 (Apr 2nd, 2023)

  • 4.2.4 UR1 (build 148) - Apr 23, 2023
  • 4.2.4 UR2 (build 162) - May 7, 2023
  • 4.2.4 UR3 (build 173) - May 25, 2023
  • 4.2.4 UR4 (build 180) + Connector 4.2.4.216 - June 7, 2023
  • 4.2.4 UR5 (build 191) + Connector 4.2.4.218 - June 29, 2023 
  • 4.2.4 UR6 (build 194) - July 13, 2023
  • 4.2.4 UR7 (build 199) - August 18, 2023
  • 4.2.4 UR8 (build 199, rpm 433) - September 20, 2023

Note - To upgrade to 4.2.4 using the repository, see: Upgrading JetPatch using repository

What's New?  

Extended Platforms Support 

Requires latest 4.2.4 connector

  • Red Hat Enterprise Linux 9
    • Support for Patches and Agents
  • Windows Server 2022
    • Support for Patches and Agents
  • Ubuntu
    • Ubuntu 22
      • Support for Patches and Agents 
    • Ubuntu Security Notices (USN)
  • AlmaLinux OS
    • Support for Patches and Agents
      • Alma Linux 8
      • Alma Linux 9

Visit JetPatch Supported Platforms for more information.

Rules Screen

Places all Existing and New Rules Under One Section

 

New Rule - Maintenance Schedule Rule

Under the ‘Rules’ Section, there is now Maintenance Rules, which allows you to cr eate a rule to auto-assign Smart Group to Maintenance Window (MW) - This means all the Endpoints will auto-assign to the selected MW

You will be able to Create / Edit MW Rule By Selecting the Smart Groups & The Maintenance Window to be Auto-Assigned

Note: You can also create a New Smart Group and Maintenance from this window.

Continuous Improvements

 

Remediation Plan Improvements

Send an Email on Remediation Plan Completion

When an active Remediation Plan is Moved to the ‘Completed’ Status, JetPatch can now send a notification email with an executive summary

Create Blank RP Immediately from Remediation Plans Screen

New option to instantly create a New and Empty Remediation Plan, directly from the Remediation Plans Screen.

This Option Places under the list of options shown in the ACTIONS button.

blank_rp.png

 

AWS Organization Multi-Account Support 

JetPatch can now connect to the Master (or Trusted) account in a given AWS Organization, allowing the user to have access to list the available child (or Trusting) accounts and to assume the role of all child accounts. This new feature(single account) is available as of 4.2.4 UR6. Starting 4.2.4 UR7 Multi-Account is supported.     

In order to modify the default member role, use the “aws.members.role“ in intigua.properties

image-20230713-193922.png

Endpoint Readiness Improvements 

Add New Calculation Percentage 'Total Readiness'

Add New Section to display the Total Readiness that will Calculate based on All Status (Ready, Not Ready, and Unknown)

Note: Effective Readiness is based on what's Ready vs Not Ready (excluding Unknown)

Show the Readiness Activity Details

On page Endpoints > Readiness, the Endpoint Name value of each EP presented in the table should be a clickable link. Once clicked it will open a modal to display the latest Activity Details of that EP that is related to the task Endpoint readiness for <OS> endpoint

You can update the results by checking the endpoint and clicking on Actions > Run Readiness Tests (then waiting 1-2 mins and clicking on the EP link again.

See Endpoint Readiness Overview for more information
 

Auto-configure Endpoint Readiness Repositories

Under Repository List Title we’ll add 2 Options :

  • Manual

    • By selecting an option for manual

      • The system will behave as it is now without any changes

  • Autocomplete - New

    • By selecting an option for Autocomplete

      • New Search Field will be displayed

      • The search will bring all matches Endpoints (Search - ‘Include’) & display them on a Table with the relevant information

 

Run as an Unmanaged Task

From version 4.2.4 UR3 (Connector 4.2.4.216) onwards, unmanaged tasks can be executed without connector monitoring. This execution will not obstruct the Endpoint from running additional tasks in its regular run (System / User / User Schedule).

When the User chooses to execute a task as an Unmanaged Task:

  • The task will run as an Unmanaged Task.
  • The task will run without a timeout, disregarding the configured timeout on Task Settings (located on the 'Configuration' Tab).
  • The task will run without Connector monitoring.
  • It will be possible to set the task to run at a specific time.
  • Running a task as Unmanaged will not prevent the Endpoint from executing additional tasks in its regular run (System / User / User Schedule)."

Note: It is required to make configuration changes for this feature to work:

  1. Connect to the JetPatch Core server through SSH and edit the file /usr/share/tomcat/default/conf/intigua.properties
  2. Add the line
automation.task.unmanaged.enabled=true   

     3. Save the file and restart the tomcat.

To run the task please follow the same steps from "Run Task". Make sure the option "Run as Unmanaged Task" is selected. 

 

UI Improvements

Various improvements have been made to the UI to not only improve the visual aspect of JetPatch but also many workflow improvements.

Manage Tags

Create an Additional option to manage Tags under Endpoint > Management screen

Procedures available for this Button

  • Performed CRUD operations for TAGS
    • When the user Only clicks the button (without selecting the endpoint) he will have the option to create, update and delete TAGS
    • ASSIGN Button - Disable
    • Select Tags - Disable
  • Assign Tags to Endpoints
    • The user will select an Endpoint and by clicking the button will be able to associate them with TAGS, as well as be able to create a new TAG, update or delete existing TAGS
    • ASSIGN Button - Enable
  • Import Tags

Visit Tagging Endpoints for more information.
 

Table UI / UX Changes

As you can see, there have various changes On Multiple Screens :  

  • Set Statuses Directly from Table - Rules / Scripts
  • More Buttons & Table Design
  • More Help Links
ef69001f-9427-4d51-b1a1-29e8dd58cd62.png

  • Add the ability to search by IP

    • Adding ‘IP Address’ Columns & the ability to search also by IP for all the ‘Endpoints’ Tables Screens
      • Endpoint > Management
      • Endpoint > Activities
      • Endpoint > Maintenance
      • Endpoint > Groups
      • Endpoint > Readiness
      • Predictive Patching > How to Improve

Endpoint Activities

Various improvements have been made to the Screen & Table Details :

  • Default ‘Task Type’ - ‘All’ (Include System & User Schedule)
  • Add New Sorting Option - ‘Activity Status'
  • Mark Statuses with Relevant Colors
    • Succeeded
    • In Progress
    • Queued
    • Error
    • Fail
    • Canceled
6cb49ba1-7184-44b4-8cf0-5658b9401599.png
New Warning Icon for Endpoints

If an endpoint is in the “updating endpoint” status in Endpoints > Groups,  which can prevent patching, a new warning is display on Endpoints > Management

Reports and Dashboards

New CSV Report

New CSV Report was Added to the Endpoints > Management: Endpoint Management Report segment by Operating Systems. This report creates a Pivot Table based on the endpoint compliance & OS Family

Insights Improvement

Dashboards > Insights: Add The Ability to Filter according to Patches Release ‘Age’ for Dedicated Reports

  • Adding New Filter 'Released more then…” with Values: 14 - 90 Days
    • Patches By Age
    • Endpoints By Oldest Missing Patch

dashboard.png

 

Connector Improvements

Requires latest 4.2.4 connector

Ability to manual upgrade connector from endpoint itself

  1. Move the vai file of the new connector (for example vlink_Windows_all-arch_4.2.4.211_1.0_Release.vai) that we want to install, to the endpoint (for example to the Temp directory "C:\Windows\Temp")
  2. Run the new CLI command (for example: intigua.exe upgrade_connector C:\Windows\Temp\vlink_Windows_all-arch_4.2.4.211_1.0_Release.vai
  3. Check the connector version by running "intigua.exe connector" CLI command
  4. Ceck if the agents still run on the endpoint by running "intigua.exe val" CLI command

Other UI/UX Improvements

  • The default workflows, Patch Windows and Patch Linux, now include the post-patching task "Check If [Windows/Linux] Reboot Is Needed And Reboot If Needed" by default.
  • Create Smart Group - Allow Bulk Inputs for common fields (Endpoint Name, Hostname, and IP Address)
  • Support > Download JetPatch Logs - Include also 'Activities' Report
  • Azure Discovery Source - Auto-Adding Tags Based on the Subscription ID
  • Compliance Report - Removed Unnecessary Endpoint Compliance Graph
  • GWT > Servers - 'Discovery source' & 'Last status collected' enabled by default
  • Custom Compliance Rule - Add Icon 'Show Patch Filter'
  • System > Compliance > Replace the 'Tag' Filter with 'Smart Group' Selection
  • System > Maintenance Schedule - Make Number of Endpoints Cells Clickable
  • Pending Reboot Suspension default from 3 days to 1 day.
  • Logs & Alerts - Extended logs
  • WSUS - Improved Capacities, Communication, and Synchronization
  • Added the ability to search by IP in Predictive Patching (Added In: 4.2.4 UR1)
  • Trial Mode enhancements (Added In: 4.2.4 UR1)
  • The CVE listed in the column of a remediation plan is now a clickable link to the given CVE (Added In: 4.2.4 UR4)
     

Bug Fixes

  • Tasks - User Scheduled Queued Tasks now persist after tomcat restart 
  • Unable to patch WSUS Server with JetPatch if it is apart of multiple smart groups 
  • Patching WSUS Replica Servers with JetPatch - No longer need to set WUA of Replica to Primary, see article 
  • Patches Catalogs - No Indication for broken saved filter Based on Smart Groups 
  • Predictive Patching - Smart Group statistics can show the same group twice 
  • Predictive Analytics disabled only on new installed
  • In Endpoints > Activities, "Succeeded" in the Status column is cut off at the final letter 
  • Broken filter based on Smart Groups
  • If you are using JetPatch to patch WSUS Replicas, please make sure the Replicas are pointing to the Primary (see article), otherwise replica endpoints will be stuck in "Synchronizing Endpoint".
  • In Endpoints>Management>Manage Tags, Select Tags did not display previously selected tags. (Fixed In: 4.2.4 UR1)
  • Fixed issue while using Unignore in Agent&Tools>Exceptions (Fixed In: 4.2.4 UR1)
  • Names are not visible in the checklist in Agent&Tools>Exceptions (Fixed In: 4.2.4 UR1)
  • Selecting all statuses in Endpoints>Management displays no endpoints (Fixed In: 4.2.4 UR1)
  • Filtering by Windows operating system in Endpoints>Readiness>Autocomplete displays no endpoints (Fixed In: 4.2.4 UR1)
  • Fixed an issue where dropdown menus in open windows would get cut off (Fixed In: 4.2.4 UR1)
  • Users with Server Scope are supposed to be allowed to see Compliance Rules (Fixed In: 4.2.4 UR1)
  • Fixed an endpoint population issue in discovery when using multiple active discovery sources (Fixed In: 4.2.4 UR2)
  • Fixed an issue that caused CPU spikes while using the "Collect endpoint updates" task on linux endpoints (Fixed In: 4.2.4 UR2)
  • Fixed an issue that caused queued tasks to not cancel when using the Cancel feature in Endpoints > Management (Fixed In: 4.2.4 UR2)
  • Enhancements to Ubuntu patch processing (Fixed In: 4.2.4 UR2)
  • Improved patch selection processing (Fixed In: 4.2.4 UR3)
  • Improved connector compatibility with AIX systems (Fixed In: 4.2.4 UR3)
  • Improved the dropdown for Applicable Endpoint Compliance Status (Fixed In: 4.2.4 UR3)
  • Trial life experience improvements (Fixed In: 4.2.4 UR3)
  • Added .vai to compatible file types for logos in the Tools Catalog (Fixed In: 4.2.4 UR3)
  • Enhanced Tomcat processing on Linux systems (Fixed In: 4.2.4 UR3)
  • Improved Maintenance Schedule advanced filtering (Fixed In: 4.2.4 UR3)
  • Improvements to the Manager Log Export function (Fixed In 4.2.4 UR3)
  • Improved the filtering for Exemptions in Predictive Patching (Fixed In: 4.2.4 UR3)
  • Fixed known issue from 4.2.3: "Predictive Patching - Smart Group statistics can show the same group twice" (Fixed In: 4.2.4 UR3)

  • Filters now persist when switching across different pages (Fixed In: 4.2.4 UR3)

  • Improvements to compliance calculation (Fixed In: 4.2.4 UR4)
  • Fixed a display bug when filtering Remediation Plans by CVE column (Fixed In: 4.2.4 UR4)
  • Improvements to discovery in the patch catalog (Fixed In: 4.2.4 UR4)
  • Fixed an issue related to persisting permissions tied to deleted groups in JetAgent (Fixed In: 4.2.4 UR5)
  • Improvements to the Run Task feature in Endpoints > Management in JetAgent (Fixed In: 4.2.4 UR5)
  • Fixed a bug where the tools catalog would get stuck while loading (Fixed In: 4.2.4 UR5)
  • Improvements to the Patch Catalog regarding WSUS updates (Fixed In: 4.2.4 UR5)
  • Added a reference to the troubleshooting article in the error prompt related to high load or low disk space on a target server (Fixed In: 4.2.4 UR5)
  • Corrected JetAgent displaying settings pages not relevant to the product (Fixed In: 4.2.4 UR5)
  • Fixed an error displaying duplicate entries for endpoints in Endpoints > Management in JetAgent (Fixed In: 4.2.4 UR5)
  • Patch compliance fix (Fixed In: 4.2.4 UR7)
  • Updated tomcat (Added In: 4.2.4 UR8)

Known Issues

From Previous Versions

  • Unable to patch WSUS Server with JetPatch if it is apart of multiple smart groups (Fix: 4.2.6)
  • Patching WSUS Replica Servers with JetPatch - Must set WUA of Replica to Primary, see article (Fix: 4.2.6)
  • WSUS servers operating in Client Side Targeting mode are not supported in this version.  Client side targeting is not necessary with the move to smart groups and the WSUS group management mechanism enhancement. (Fix: 4.3)
  • Dashboard->Operating System filter drop down list is not aligned with user server scope (Fix: 4.3)
 
 
 

Related articles

Comments

0 comments

Please sign in to leave a comment.