Kaspersky Security Center 10 (10.1.249): patch D release

Kaspersky Security Center 10 (10.1.249): patch D release

25 Nov 2014
Product news

Kaspersky Lab has released patch D for Kaspersky Security Center (version 10.1.249d)

Patch D features the following:

  • Patch D for Administration Console, (patch_10_1_249_console_d.zip), which is applied to computers with installed Administration Console and without Administration Server.
  • Patch D for Network Agent (patch_10_1_249_nagent_d.zip), which is applied to computers with installed Network Agent and without Administration Server (managed computers).
  • Patch D for Administration Server (patch_10_1_249_server_d.zip), which is applied to computers with Administration Server installed. Includes Network Agent and Administration console patches.
  • Patch D for iOS MDM Mobile Device Server (patch_10_1_249_iosmdm_d.zip).

Patch D is cumulative, thus including all the fixes from patch A, patch B, patch C, CVE-2014-0160, and CVE-2014-0224.

Attention! After you install patch D, the version of some files changes to 10.1.334. The version in Administration Console remains 10.1.249.

Improvements and fixed issues

Fixed issues:

  • Web Server cannot be run after backup.
  • Network Agent may stop responding when running iOS MDM Mobile Device Server.
  • Sending files to Quarantine and Backup may loop.
  • When handling various lists of Quarantine, Backup, or unprocessed objects, the status of action on elements of a list may be mistakenly assigned to elements of another one.
  • When handling lists of Quarantine and Backup objects, the search by object size and time of object addition to list remains unavailable.
  • Corruption of some Network Agent files causes the synchronization of lists to loop.
  • The user cannot run local tasks on computers managed by virtual Administration Servers.
  • Any physical damage inflicted to a local events storage leads to collateral errors.
  • High load on the CPU occurs at some network errors.
  • Unlimited growth in size of the Administration Server working folder.
  • An error occurs when retrieving updates.
  • Performance degradation is possible when distributing files or updating Administration Server.
  • The installation package distribution task cannot be run.
  • Initial downloading of updates through an Update Agent is unavailable cannot be performed.
  • Instable running of scheduled tasks at specific settings of the server update download task.
  • Client computers keep on using an Update Agent after it is removed.
  • Update Agent functions improperly after switching between connection profiles.
  • High load on the SQL server.
  • Remote RDP connection to a client computer is unavailable.
  • The policy of the master Administration Server does not cover a slave Administration Server.
  • Errors that cause messages such as "Failed to synchronize data with computer. Access denied." to appear in the event log of Kaspersky Security Center.
  • Incorrect display of Cyrillic fonts in the key properties.
  • Emergency restart of the Administration Server service.
  • Errors returned when handling the output stream in user scripts running as event notifications.
  • The Administration Server service sometimes stops responding to requests from Administration Console after remote installation tasks are removed (which leads to losses of connection between the Console and the Server). 
  • In the list of vulnerabilities, the filter by availability of tasks, which install updates to fix respective vulnerabilities, is not available.
  • Installing general updates of third-party applications may cause attempts to install more than one version of a single application.
  • In case of an "on completing another task" schedule, some tasks may be run more than once if the condition is met.
  • Deleting the entire temporary folder for the LocalSystem account (by default: %WINDIR%\TEMP) is sometimes attempted while running the task of fixing vulnerabilities and installing software updates on managed computers.
  • After a computer with Network Agent returns from the sleep mode, the computer's status on Administration Server changes to "Critical: Real-time protection is disabled".
  • Search for Windows updates is performed, but the client computer still holds the 'Critical' status.
  • At each startup of the Network Agent service on a computer, which is a virtual machine with the BIOS serial number that has been changed, the icon of that computer on Administration Server is deleted and then created again.
  • klserver fails due to a database error.
  • klactgui can be run only by a user with the administrator rights.
  • Scanning organizational units of Active Directory cannot be disabled for a virtual Administration Server.
  • A group task for Kaspersky Endpoint Security cannot be deleted if any Update Agents with active multicasting are running.
  • A task cannot be run after a user without required rights attempts to run it.
  • Administration Server crashes several times a day.
  • Errors of filtering in the Quarantine and Backup folders.
  • Cannot connect to Administration Server after restoration from a backup copy.
  • Information about a virtual machine that has been removed from a cluster (KSV), is not deleted from Administration Server..
  • The error causing the "Find vulnerabilities and critical updates" task to return an error.
  • CVE-2014-0160 and CVE-2014-0224 OpenSSL vulnerabilities.
  • Fixes from patch A.
  • Fixes from patch B.
  • Fixes from patch C. 

Improvements:

  • Traffic generated by multicasting has been optimized.
  • Checking of Administration Server addresses entered by users manually has been improved.
  • Display of information in the klnagchk has been improved.
  • The performance of the Application categories feature has been improved.

How to install patch D

To install patch D:

  • Run patch executable from any temporary folder.
  • In silent mode (for example, when distributing via Kaspersky Security Center), the patch must be run with a command line key –s

How to check if the patch was installed

View the report

To view the information on installed patches for Administration Server and Network Agent, generate the Report on Kaspersky Lab software versions with the Updates installed field enabled. To do it, go to the Detailed fields and add the Updates installed field. The information about the installed patch will be available in the Updates installed field.

Compare file versions

  • Administration Console
    • In the installation folder of Administration Console, the versions of the following files: klactgui.exe, klcskca2.dll, klcssrvp2.dll, klcsstd2.dll, klcstr2.dll must correspond to 10.1.334; klakcon.dll, kliosmdmcertlib.dll, klngtplg.dll, klsrvplg.dll must correspond to 10.1.313kllibeay.dll, klssleay.dll must correspond to 10.0.0.3.
    • No error messages can be found in the event log of Kaspersky Security Center.
  • Network Agent
    •  In the installation folder of Network Agent, the versions of the following files: klcsagt.dll, klcskca2.dll, klcsnagt.dll, klcsstd2.dll, klcstr2.dll, klnagchk.exe must correspond to 10.1.334klcssa.dll must correspond to 10.1.289; klcsngtgui.exe must correspond to 6.0.1.658 or 10.1.334 (depends on OS), vapm.exe must correspond to 10.1.313; vulnerability_assessment.dll, vulnerability_assessment_meta.dll must correspond to 5.1.2.21kllibeay.dll, klssleay.dll must correspond to 10.0.0.3.
    • No error messages can be found in the event log of Kaspersky Security Center.
  •  Administration Server
    • In the installation folder of Administration Server, the respective versions of the following files: klactgui.exe, lcsagt.dll, klcskca2.dll, klcsnagt.dll, klcssrv.dll, klcssrvp2.dll, klcsstd2.dll, klcstr2.dll, klcsweb.exe, kldb_mssql.dll, kldb_mysql.dll, klfc.exe, klnagchk.exe must correspond to 10.1.334klakcon.dll, kliosmdmcertlib.dll, klngtplg.dll, klsrvplg.dll, vapm.exe must correspond to 10.1.313klbackup.exe must correspond to 10.1.269klcsngtgui.exe must correspond to 6.0.1.658 or 10.1.334 (depends on OS), klcssa.dll version 10.1.289klksncore.dll version 10.1.320; vulnerability_assessment.dll, vulnerability_assessment_meta.dll must correspond to 5.1.2.21; kllibeay.dll, klssleay.dll must correspond to 10.0.0.3
    • No error messages can be found in the event log of Kaspersky Security Center.
  • iOS MDM Mobile Device Server
    • In the installation folder of iOS MDM Mobile Device Server, the version of file kliosmdmcomm.dll must correspond to 10.1.334.
    • No error messages can be found in the event log of Kaspersky Security Center.

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK