Articles in this section

See more

JetPatch Release Notes 4.2.7

Version: 4.2.7.157 + Connector 4.2.7.219 (September 23, 2024)

Latest UR available on our 4.2.7 Live Repo
Review our pre and post upgrade best practices.

  • UR1 (build 163) + Connector 4.2.7.220 - October 8, 2024
  • UR2 (build 165) - October 14, 2024
  • UR3 (build 166) - November 19, 2024
  • UR4 (build 167) - November 26, 2024
  • UR5 (build 171) - January 12, 2025
  • UR6 (build 172) - January 20, 2025
  • UR7 (build 176) - February 11, 2025
  • UR8 (build 180) - February 26, 2025
  • UR9 (build 184) - March 6, 2025
  • UR10 (build 190) - March 18, 2025
  • UR11 (build 196) - March 25, 2025
  • UR12 (build 197) - March 26, 2025
  • UR13 (build 198) - April 1, 2025
  • UR14 (build 199) - April 3, 2025

Major New Features

Windows Connector Service Logon - Beyond System User

The 4.2.7 Connector now allows configuring a custom administrator logon account for Windows instead of relying on the SYSTEM user

How It Works:

  • The default SYSTEM user remains unchanged for existing services.
  • Admins can now specify an Administrator account during new Connector deployments.
  • The Connector automatically assigns the necessary "Log on as a service" permissions.

3.png

 

"Used By" Resources – Improved Visibility & Control

  • A new "Used By" column has been added across multiple resource management screens.
  • Displays dependencies for rules, filters, and configurations.
  • Clickable references allow easy navigation to related resources.

5.png

Windows End-User Patching – Pre-Patching Notifications

    • Users can configure pre-patch notifications for Windows endpoints.
    • Before patch execution, endpoint users receive a non-intrusive alert notifying them of upcoming patches.
    • These notifications do not disrupt the patching process but allow users to acknowledge them.

4.png

Enhancements to Existing Features

Endpoint Readiness Changes

  • PowerShell Version Check Removed: This check was removed as Windows Server 2008 R2 is no longer supported.

  • WSUS Automatic Updates Check Added: The PowerShell column was replaced with WSUS Automatic Updates (wsusAutomaticUpdates), providing better visibility into update configurations.

  • Simplified Repository Configuration:

    • Before 4.2.7, Repo Configuration required:

      • WSUS URL must match Endpoint Readiness settings

      • hasUpdateServiceLocation = true

      • wsusAutomaticUpdates = true

    • With 4.2.7+, wsusAutomaticUpdates is no longer required, and Repo Configuration now only checks WSUS URL and hasUpdateServiceLocation.

Before 4.2.7

With 4.2.7+

Interactive Reboot Enhancement: Users can now duplicate and customize interactive reboot settings per workflow, allowing more flexibility in restart scenarios.

Sequence Patching Enhancements:

  • Multi-Select Filtering: Users can now apply multiple filters to the Remediation Plan (RP) Board.
  • New Activation Options: RPs associated with Sequence Patching can now be activated even if the sequence has not started.
  • Ignore Expired SLAs: RPs with expired SLAs are now automatically flagged with a new status.

ServiceNow Integration Improvements:

    • Added "Cancelled" as close_notes for the Upload Table when canceling a remediation plan (UR5).
    • Added Review Status and Review Notes Fields (UR6).

Agents & Tools > Exceptions Page Upgrade

Before 4.2.7

With 4.2.7+

  • Enhanced UI: Modernized layout with better readability.
  • Advanced Filtering: Users can filter by multiple criteria (Rule, Tool, Type, Severity, etc.).
  • Improved Status Tracking: Clearer resolution states and timestamps for better issue monitoring.
  • Actionable Insights: Streamlined workflow for managing exceptions efficiently.

Additional Enhancements

  • Full application load time after a Tomcat restart has significantly improved.
  • Added "Infra" and "Apps" category filters in the Patches Catalog (UR1).
  • Improved Remediation Plan Activation Performance (UR5).
  • Added a Python script to list UI users (UR5).
  • ServiceNow Integration: Added support for multiple statuses in Review Status and Review Notes fields (UR6).

  • System > Smart Groups > Assignment: Enhanced Endpoint Status tooltips and color-coded Smart Groups provide clear feedback on assignment. In this example, a Windows Server is in two Smart Groups—one green (ready for patching) and one grey (not ready). Hovering over “Updating endpoint” shows which group is not fully assigned (UR10).

     

Bug Fixes

  • System > Smart Groups: Fixed pagination issues in Smart Group filters.
  • System > Exceptions: Fixed error selecting all tools in the filter under Exceptions.
  • System > CSV Imports: Addressed duplicate endpoints issue during CSV imports.
  • System > Patches > Alma Linux: Resolved 404 error when navigating to Alma Linux patches.
  • System > Patches > Catalog: Corrected vulnerability filter behavior in the Patches Catalog.
  • System > Repository Settings: Ensured CIDR list validation in repository settings.
  • Ubuntu Pro Registration: Enabled Ubuntu Pro subscription registration with ESM repositories (UR1).
  • System > Sequence Patching: Fixed sequence patching filtering issues in the Patches Catalog for endpoint names (UR1).
  • System > REST API: Added missing values in 'enabled', 'apiAccessAllowed' fields in REST API response (UR2).
  • System > Maintenance Windows: Fixed incorrect next slot calculation (UR3).
  • System > Tasks: Resolved unable to save Task that contains script with parameters (UR4).
  • System > WSUS Registration: Fixed CommandNotFoundException error when running "Register Win EP to WSUS" script (UR5).
  • Security Fix: Resolved vulnerabilities in Tomcat (CVE-2024-50379 & CVE-2024-52316) (UR5).
  • Smart Groups > Management: Fixed issue where some groups were stuck with the "Used By" section indefinitely spinning(UR7).
  • Remediation Plan > Compliance Report: Improved page performance for large environments (UR7)
  • RP Board > Action > Cleanup Board: Fixed error message received during cleanup(UR7).
  • Logs: Reduced excessive warnings to prevent vmanage logs from rotating within an hour(UR7).
  • Multiple Env > CSV Download: Fixed issue preventing CSV downloads, even for small filtered sets (UR8).
  • Automated Clean-Up Logic > WSUS: Fixed "unique result set" exception when retrieving groups (UR8).
  • Rules > Automatic Remediation Plan Rules: Fixed incorrect calculation of 'Next Creation' (UR8).
  • System > Patches > Catalog: Fixed an InvalidDataAccessResourceUsageException when limited users (without "Smart groups administration" permission) prevented access to the Patches Catalog (UR9).
  • Remediation Plan > Cancel RPs: Addressed poor performance for large environments to cancel remediation plans (UR9).
  • Remediation Plan > Approve Patches: Improved page performance for large environments (UR9)
  • Endpoints > Readiness: Fixed wrong repository configured issue on AWS Debian 11 and 12 (UR10).
  • Rules > Maintenance Rules: Significantly improved disabling and enabling of MW rules that affects a very large number of endpoints and corrected MW Corrected MW Rule priority issue (UR10).
  • Remediation Plans > WSUS Sync: Reduced the time between RP activation and WSUS Sync Approval to improve efficiency (UR11).
  • Remediation Plans > Performance: Improved RP Load performance for Read-Only users with limited Smart Group scope, ensuring faster access to patching data (UR11).
  • WSUS Group Management: Improved two-way sync (UR11)
  • Help > What’s New: The "What's New" section now correctly navigates to the 4.2.7 Release Notes for better version tracking (UR11).
  • Remediation Plans: Resolved an RBAC issue where users with reduced permissions did not see the "Activate" button for specific smart groups, despite it appearing correctly for others (UR12).
  • Platform Configuration > Logs & Alerts > Tagging Events: Fixed issue where the Azure AD user performing tagging operations was not displayed as the initiator (UR13).
  • Smart Groups (Patching): Fixed an issue introduced in UR11 where upgrading caused duplicated or unexpected random tag filters (e.g., "[groupname group]") in WSUS Smart Groups (UR14).
     

Known Issues

  • Sorting on wsusAutomaticUpdates in Endpoint Readiness results in a red error pop-up, but sorting remains accurate (will be fixed in 4.2.8)
  • Clicking the "Endpoints" link from RP Action Details in Remediation Plan incorrectly filters only by RP-ID (missing Patch Status), causing an incorrect endpoint count(will be fixed in 4.2.8)

  • Endpoints > Management > Manage Tags: Tag deletion blocked if used only by endpoints (regression from Used By logic). Workaround: use Platform Configuration > Servers > Manage Tags. (will be fixed in 4.2.8).

  • Endpoint > Management > Filter by Tags > Manage Tags No visual indication of selected tags during multi-select endpoint selection, making bulk unassignment impossible.  Please use Platform Configuration > Servers > Manage Tags as workaround (multi-select will be fixed in 4.2.8 and select all will be fixed in 4.3.1).
  • Inconsistent Trial Notification about amount of remaining days (will be fixed in 4.3)

Related articles

Comments

0 comments

Please sign in to leave a comment.