Version 4.2.8.199 + Connector 4.2.8.24
Released: March 20, 2025
- Latest UR available on our 4.2.8 Live Repo
- Review our pre- and post-upgrade best practices.
| Update Rollup | Release Date | Components |
| UR1 (build 202) | March 27, 2025 | — |
| UR2 (build 211) | April 7, 2025 | Connector 4.2.8.26 |
| UR3 (build 223) | April 23, 2025 | Connector 4.2.8.28 |
| UR4 (build 228) | April 29, 2025 | Connector 4.2.8.29 |
| UR5 (build 235) | May 13, 2025 | — |
| UR6 (build 254) | June 8, 2025 | Connector 4.2.8.210 |
| UR7 (build 258) | June 29, 2025 | — |
| UR8 (build 263) | August 10, 2025 | — |
| UR9 (build 268) | September 16, 2025 | — |
| UR10 (build 273) | October 13, 2025 | — |
| UR11 (build 274) | October 22, 2025 | — |
| UR12 (build 276) | November 5, 2025 | — |
| UR13 (build 277) | November 9, 2025 | Connector 4.2.8.213 |
| UR14 (build 278) | November 13, 2025 | Tomcat 9.0.112 |
| UR15 (build 278) | November 19, 2025 | Connector 4.2.8.214 |
| UR16 (build 281) | December 30, 2025 | Connector 4.2.8.215, Tomcat 9.0.113 |
| UR17 (build 285) | January 20, 2026 | Connector 4.2.8.216 |
| UR18 (build 288) | February 16, 2026 | Connector 4.2.8.218, Tomcat 9.0.115 |
Extended Platform Support
| Note: New OS support requires the latest 4.2.8 connector. |
| Operating System | Support Scope | UR |
| Windows Server 2025 | Patches and Agents | UR11 |
| Ubuntu 24.04 LTS | Patches and Agents | — |
| Amazon Linux 2023 | Patches and Agents | — |
| SUSE 15.6 | Patches and Agents | — |
| AIX 7.3 | Patches only | — |
| macOS 14 Sonoma (Intel Only) | Connector and Tasks only. Patch support for Intel and ARM coming in version 5.6. | — |
Major New Features
Patch Management Without WSUS (WSUS-Less)
Windows endpoints can now retrieve patches directly from Microsoft Update, eliminating the need for a WSUS server while integrating with existing JetPatch workflows.
|
Notes: • Requires the 4.2.8 connector. • Supports hybrid mode: some endpoints can point to WSUS while others connect directly to Microsoft cloud. |
| Topic | Details |
| Full Support | JetPatch supports both WSUS (Primary and Replica) and direct/proxy Microsoft Cloud updates, with the same features and patch governance in both modes. |
| Decision Criteria | Use WSUS if any requirements prevent direct or proxy communication with the Microsoft Cloud. |
| Hybrid Model | Endpoints that cannot connect to the Microsoft Cloud can be serviced through WSUS, while others connect directly. Each segment is configured according to its connectivity requirements. |
For configuration details, see the WSUS-Less configuration article.
Task Scheduler
Users can now create scheduled tasks for existing Smart Groups, with a regular execution cycle.
- Accessible under the new Schedulers section in the main menu.
- Click +New to define a Task Scheduler with name, Smart Group, task, and frequency settings.
- Relevant use case: separate recurring reboot time from recurring Remediation Plan time.
Resource Duplication on Multiple Pages
You can now duplicate resources on the following additional pages:
- Patches > Patch Bundle > Manage Patch Bundles
- Agents > Managed Agents > Policy
- Rules > Maintenance Rule
- System > Smart Groups > Management
- System > Workflows
- Users > Roles & Permissions
Connector Log Rotation
| Note: Applies automatically upon upgrade to Connector version 4.2.8. |
- When the log directory exceeds 450 MB, the connector automatically deletes the oldest logs hourly.
- Individual log file size remains capped at 1 MB.
UI/UX Enhancements
Support Menu: "Chat with us."
Opens JetPatch Support Bot in a new browser tab.
Users Section
-
Users tab migrated to new “Users” screens:
Directories
Management
Roles & Permissions
Smart Groups (System > Smart Groups > Create Smart Group)
-
Filter improvements: Include/Exclude options are now available (similar to Patches Catalog).
Compliance Flag & Info
- Compliance status (ON/OFF) is displayed in the header.
- Number links to “Compliance Rules” screen, filtered by "Enable."
Endpoint Readiness
- Added “Last time 100% ready” column displaying date/time of full readiness.
- Also modified to support WSUSLess and Hybrid mode
Bug Fixes & Other Improvements
Added
| Area | Description | UR |
| All Resources & Activities | Added confirmation dialog for Enable/Disable/Re-run actions. | UR1 |
| Endpoint Management | Added tag filter for easier sorting. | UR2 |
| Automatic RP Rule | Added Status filter. | UR2 |
| System > Scripts & Tasks | Added built-in task for WSUS-less prerequisites script. | UR2 |
| Endpoint > Manage Tags | Added ability to unassign tags directly and from multiple endpoints. | UR3 |
| Scripts > Linux | Added script to register endpoints with local Linux repository. | UR3 |
| Policy > Accounts | Added rule support for Mac endpoints discovered via vCenter. | UR3 |
| Scripts > Linux | Added built-in task to disable IPv6 and auto-reboot supported Linux systems (RHEL, Oracle, AlmaLinux, Rocky). | UR4 |
| System > Maintenance Schedule API | Added support for creating/deleting Maintenance Schedule via API and handling bulk entries. | UR5 |
| Connector > Core URL Configuration | Introduced PowerShell script to enable modify_csclient_core_url on Windows. | UR6 |
| All Pages | Added Refresh buttons to relevant pages. | UR2 |
| System > Activities | Added Time range filters (From Date / To Date) under More Filters. | UR18 |
Fixed
| Area | Description | UR |
| System > Smart Groups > Assignment | Fixed assignment table sometimes appearing empty. | UR1 |
| Agents > Managed Agents | Fixed icon change after creating a rule. | UR1 |
| Help > What's New | Correctly redirects to 4.2.8 Release Notes. | UR1 |
| Agents & Tools > Managed Agents | Fixed bug preventing creation of built-in service after new files were introduced. | UR1 |
| Windows 2016 (WSUS-less) | Fixed Microsoft Update enablement issue. | UR2 |
| Connector > Mac | Fixed upgrade exceptions and command execution errors. | UR2, UR3 |
| System > vCenter Discovery | Resolved some OSes detected as "unknown". | UR2 |
| System > Scripts | Fixed Windows WSUS-less script executing on WSUS-configured machines. | UR3 |
| Endpoints > Activities | Fixed start date filtering returning incorrect results. | UR3 |
| Plans > Bulk RP Actions | Fixed "Archive All Canceled Plans" not archiving policy-canceled plans. | UR4 |
| Endpoints > Management | Fixed patching status not reported for AIX 7.x endpoints. | UR4 |
| Connector > Amazon Linux | Fixed deployment failure on Amazon Linux 2023 due to missing status file. | UR4 |
| Endpoint > OS Detection | Fixed incorrect identification of Amazon Linux 2023 endpoints. | UR4 |
| UI > Endpoint Merge | Resolved duplicate servers during Azure VM merge. | UR5 |
| UI > Settings > Discovery Sources | Fixed re-adding ARM (Azure) Discovery Sources after removal. | UR5 |
| System > Maintenance Schedule | Restored 50+ character limit; fixed time field overwrite issue. | UR6 |
| System > WSUS Sync | Enhanced logic to recover replicas stuck in SYNC_FAILED. | UR6 |
| System > Initialization | Aligned config options to reduce manager startup time post-upgrade. | UR6 |
| Endpoint Readiness | Resolved NullPointerException during readiness event processing. | UR6 |
| WSUS-less | Improved logic to skip WSUS sync approval on WSUS-less endpoints during RP execution. | UR6 |
| Endpoint Readiness > UI | Adjusted Endpoint Readiness column sizing and value truncation. | UR6 |
| System > Maintenance Schedule | Pagination implemented, removing 20-entry display limit. | UR6 |
| Connector > Installation | Resolved Ubuntu 22.04 installation failures. | UR6 |
| UI > Servers | Fixed bug preventing service creation in GWT, resolving missing management tool details and configuration tabs. | UR6 |
| Patches > Catalog | Fixed empty Release Date for WSUS-less endpoints. | UR6 |
| System > WSUS Updates | Resolved NullPointerException preventing WSUS update processing. | UR6 |
| Windows > WUA Connectivity | Updated check_WUA_search.ps1 for simplified pass/fail testing and error surfacing. | UR6 |
| Ubuntu > Patch Installation | Fixed install_patch_ubuntu.sh for Ubuntu 22.04+. | UR7 |
| Hybrid Windows > WSUS Approval | Enhanced wsus-sync-approval-status.ps1 for hybrid WSUS/WSUS-less mode. | UR7 |
| Patches > Catalog | Restored Ubuntu patch coverage using USN mailing list parsing after API failures. | UR8 |
| Connector Deployment > Linux | Fixed deployment issue for sudo user via UI; default temp directory now /var/jetpatch-temp with cleanup. | UR9 |
| System > Smart Groups | Screen displayed for JetAgent product type; Support Patch Activities flag unchecked/uneditable. | UR9 |
| Patch Catalog > Windows | Fixed updates missing due to product name length limitation; backend updated for multiple product references per patch. | UR10 |
| Windows Updates Scan | Product field corrected from string to array; Category reverted to string. | UR10 |
| Smart Groups | Multiple TAG-based filters now return correct results; logic updated for Tag and Tag (text) conditions. | UR10 |
| Platform | Fixed Ubuntu 24 patching issue due to incorrect .sources handling. | UR12 |
| Connector Deployment > Linux | Fixed sudo-based connector deployments on systems using the "wheel" group. | UR12 |
| WSUS Sync Approval | Resolved inconsistent patch approval status updates requiring manual WSUS sync. Requires WSUS get updates full sync after upgrade. | UR13 |
| Connector (Windows) | Corrected standaloneServiceUrl issue blocking auto-connection after 5.0 migration. | UR14 |
| Tasks | Synced backend-saved task parameters with UI display. | UR14 |
| Connector (Windows) | Re-signed driver. | UR15 |
| System > Smart Groups | Fixed issue where exclusion by Tag/Tag Text did not return accurate endpoints and saved empty filters. | UR16 |
| Connector (Windows) | Fixed registry handle leak causing performance degradation. | UR16 |
| Connector Deployment > Linux | Fixed SSH authentication failure with private keys on RHEL 9 by avoiding deprecated ssh-rsa and supporting rsa-sha2 algorithms. | UR16 |
| Remediation Plan > View | Fixed typo in the Emergency Remediation Plan label. | UR16 |
| System > Maintenance Schedule > Assignment | Fixed issue where endpoints matching a Smart Group with a CIDR filter were not assigned the Maintenance Rule name and the affected endpoint count was not updated correctly. | UR17 |
| Connector | Fixed registry handle leak in vlinkprocess64.exe causing excessive handle growth and performance degradation. | UR17 |
| System > Smart Groups > Assignment | Fixed issue where endpoints could be assigned to Smart Groups containing exclude filters instead of restricting to include-only Tag-based groups. | UR17 |
| System > Smart Groups > Assignment | Fixed issue where Exclude tag filters caused Smart Group assignment to select an incorrect set of machines. | UR17 |
| Connector > Registry | Fixed internal handle leaks. | UR18 |
| Connector > Windows Driver Signing | Re-certified and re-signed intigua_driver64.sys ahead of signature expiration. | UR18 |
Enhanced
| Area | Description | UR |
| Connector Deployment > Linux | Changed default temporary directory from /tmp to /var/jetpatch-temp, to align with NIST guidance on protecting temporary files. | — |
| WSUS Sync Approval | WSUS Sync Approval now persists after Tomcat restart. | — |
| WSUS | Enhanced run-sync API call for updating groups and endpoints assigned to a WSUS replica. | UR1 |
| Remediation Plans > Bulk RP Actions | Improved performance executing "Cancel All Completed Plans" on large batches. | UR5 |
| Performance | Improved response times and resolved performance issues. | UR3 |
Known Issues
- Inconsistent trial notification about the number of remaining days.
- WSUS-Less does not support third-party patches.
- WSUS-Less does not pre-download approved patches. A maintenance schedule must be used for download and installation (similar to Linux).
- Endpoints → Management → Filter by Tags → Manage Tags: No visual indication of assigned tags with Select All. Workaround: use Platform Configuration → Servers → Manage Tags.
|
Performance Note: If you notice slow application load time (>20 minutes) after a Tomcat restart, verify that the following properties are set in intigua.properties. If not, add them and restart Tomcat: system.task-executor.queue-size = 200 system.shards.size = 200 system.task-executor.pool-size.max = 100 Then run: service tomcat restart |
Comments
0 comments
Please sign in to leave a comment.