Week 3 - VMware Digital Workspace Newsletter

Image
   Weekly highlight:    VMware Workspace ONE ITSM Connector  is now a ServiceNow certified app:   The Workspace ONE ITSM Connector supports common Workspace ONE UEM commands, such as change passcode, device lock, device and enterprise wipe, log requests, messages, soft reset, device sync, and more. Integration with Workspace ONE Assist enables help desks to quickly launch remote support sessions and view or control employee devices, directly from ServiceNow.   https://store.servicenow.com/sn_appstore_store.do#!/store/application/b110a7a11b12b41092ce8514604bcb28/1.0.2?referer=%2Fstore%2Fsearch%3Flistingtype%3Dallintegrations%25253Bancillary_app%25253Bcertified_apps%25253Bcontent%25253Bindustry_solution%25253Boem%25253Butility%25253Btemplate%26q%3DVMware&sl=sh   Release Notes Initial release  Integration with Workspace ONE UEM via REST api Guided setup for HTTP connection Configurable device managment actions  Role based access for actions Seamless integration with standard Incident

Week 50 - VMware Digital Workspace Update








Weekly highlight: 

 

Log4j vulnerability CVE-2021-44228 – VMware Digital Workspace Products





 Software Releases Week 50 - Release Notes

System

Component

Release

Announcement

Release Date

iOS

Hub

21.11

  • Hub will now automatically show the search bar in the People tab without having to swipe down

  • If the Favorites tab is not enabled by your admin, the Favorites section will no longer show

  • Improvements to deep linking to internal applications, this includes the case where end users may see duplicate icons and if they have not opened Hub in a while, they would see out of date information

  • Support for Token Authentication when using Workspace ONE Access as the source of authentication

  • Bug Fixes

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Workspace-ONE-Intelligent-Hub-for-iOS.html

14.12.21

iOS

Web

21.12

  • Https is now the default scheme to load URLs when no scheme provided.

  • There is a new KVP configuration to force load all URLs with https.

  • Web shows a visual warning indicator on http URL access.

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Web-for-iOS.html

15.12.21

iOS

Content

21.12

  • Multi-App Support - This feature allows Content iOS users to use the WS1 Content app in parallel with other apps of their choice in a multi-app fashion.

  • Custom Acknowledgement button - This feature allows WS1 Content admins to configure the text on the Acknowledgement button as per their enterprise requirements.

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Content-for-iOS.html

15.12.21

iOS

Notebook

21.08.1

  • INOTE-853 [SSO] Notebook shows incorrect Exchange connect button label when SSO is on

  • INOTE-848 [Tasks] Swiping tasks shows inconsistent delete and move icons

  • INOTE-847 [Enrolment] Not connecting to exchange first time after enrolment

  • INOTE-846 [Sync] Closing Notebook from background mode disconnects the Exchange account

  • Multiple localization fixes

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-iOS.html

15.12.21

iOS

Boxer

21.11

  • Personal email notifications are going away with this version. Gmail users will see a notifications return in a future release

  • Bug Fixes

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-iOS.html

16.12.21

Android

Hub

21.11

  • AAGNT-191410: Direct Boot support for Work Profile Passcode Reset

    • Requirements

      • Workspace ONE UEM Console 21.11

      • Device must be running Android 11 or higher

    • When assisting a user with clearing their Work Profile Passcode when the Work Profile is locked in Direct Boot, first the user must click the Forgot Password button on the lock screen, at which point the IT admin can send the Clear Work Profile Passcode command.

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Intelligent-Hub-for-Android.html

14.12.21

(staged)

Android

Boxer

21.11

  • Bug Fixes

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-Android.html

14.12.21

Android

Notebook

21.08.1

  • ANOTE-850 - [Handwriting] Fix issue with colour changing

  • ANOTE-829 - [UI] Fix visual bug when creating Smart Lists and Smart Notebooks

  • ANOTE-828 - [Feedback] Fix bugs with attach screenshot and send logs

  • ANOTE-827 - [Handwriting] Fix clipped edges of the handwriting when being inserted into a note

  • ANOTE-816 - [Notes]Keyboard not dismissed when pressing back button in edit note

  • Crashes

  • Localization issues

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-Android.html

14.12.21

Windows

Tunnel Win10

2.1.5

  • General quality and performance improvements with no new features.

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Tunnel-for-Windows.html

13.12.21

Backend

UAG

2111.1

VMware Unified Access Gateway 2111.1 includes important security updates.

  • VMware Unified Access Gateway 2111.1 includes a fix for the critical CVE-2021-44228 vulnerability, the CVE-2021-45046 vulnerability and a fix for the uagdeploy PowerShell deployment script. Refer to the Resolved Issues section for more details.

  • Updates to Photon OS package versions and Java versions.

https://docs.vmware.com/en/Unified-Access-Gateway/2111.1/rn/unified-access-gateway-21111-release-notes/index.html

16.12.21



VMware VMSA-2021-0029 - Impacting Workspace ONE UEM, console patches address SSRF vulnerability

  • A Server Side Request Forgery (SSRF) vulnerability in VMware Workspace ONE UEM console was privately reported to VMware. Patches and workarounds are available to address this vulnerability in affected VMware products. The issue has been mitigated for VMware-hosted Workspace ONE consoles.

  • VMware Workspace ONE UEM console contains a Server Side Request Forgery (SSRF) vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1.

  • A malicious actor with network access to UEM can send their requests without authentication and may exploit this issue to gain access to sensitive information.

  • Patches and Workaround in listed / explained in the KB.

  • VMSA: https://www.vmware.com/security/advisories/VMSA-2021-0029.html

  • KB-Reference: https://kb.vmware.com/s/article/87167


Antivirus Best Practices for Workspace ONE Intelligent Hub for Windows (87149)

  • Enterprises often leverage 3rd party security or antivirus software for endpoint security and threat remediation. There are scenarios that Workspace ONE Intelligent Hub components or services are being impacted due to false-positive reports.

  • This article provides information on the list of directories/sub-directories that need to be excluded under the antivirus or security software endpoint settings for the Workspace ONE Intelligent Hub for Windows to function properly.

  • In the KB is the complied list of items (includes directories, sub-directories, executables) that need to be excluded.

  • KB-Reference: https://kb.vmware.com/s/article/87149?lang=en_US


Change for "Tags" API resource during migration to Workspace ONE UEM release 2105 and above (87116)

  • Before the Workspace ONE UEM 105 release, the "Tags" permission was not needed to call the TAGS API. The authorization attribute was missing from API endpoints. Post the 2105 release, the appropriate permission was added to the Tags API.

  • Customers who migrate to Workspace ONE UEM release 2105 releases and above will have to explicitly enable the below resources for their Admin accounts to utilize the Tags API.

  • Within the Workspace ONE UEM Console, please enable the resources below to utilize the Tags API.

  • More info in KB: https://kb.vmware.com/s/article/87116?lang=en_US


Removal of search text option for “category” field on Device event page (87115)

  • The search text option for the Category field on both the Console Events and Device Events pages within the Workspace ONE UEM Console will be removed in early 2022 Console releases.

  • When navigating to Monitor > Events > Console Events/ Device Events pages within the Workspace ONE UEM Console, a grid is available that features the option to search for inserted text.

  • However, within the Category field, the ability to search for text entered with a space is not available.
    This is due to the fact that the search functionality is displayed based on locale text, preventing the ability to search for the entered text in the globalization field.

  • There are additional filters available on the grid which can be utilized on both the Device Events and the Console Events pages instead.

  • KB-Reference: https://kb.vmware.com/s/article/87115?lang=en_US


Deprecate 'Sorting' from few columns on Device List view page in Workspace ONE UEM console in early 2022 (86044)

  • With the modernization effort and redundant cleanup activity in progress, the decision has been made to deprecate the 'Sorting' functionality from the below columns on Device List View page within the Workspace ONE UEM Console.
    This will be accomplished in early 2022.

    • Build Version

    • Public IP address

    • Wi-Fi SSID

    • WNS Status

    • DM Last seen

    • Device Group

  • Alternate to Device Group
    1. Filters have been implemented to narrow down the devices.
    2. 'Tags' are a powerful alternative to device groups.

    • Device-list supports filtering devices by tags, which can be used to narrow down to specific set of devices.

    • Tags are supported in smart group criteria.

  • 3. Sort by build version

    • Consider two devices D1 (OS version: 1.0.0.1) and D2 (OS version: 2.0.0.0). The build version is the fourth part of the OS version.

    • Sorting by build version will list D2 over D1, while the OS version of D2 is greater than that of D1.

    • In short, build version alone does give the complete picture, and should not be used to sort.

    • The OS version filter can be used to narrow down on the required devices.


  • 4. The columns are rarely used to sort in production.

  • KB-Reference: https://kb.vmware.com/s/article/86044?lang=en_US


Introducing VMware Workspace ONE Intelligence version 21.12.07 (87061)

  • The VMware Workspace ONE team is excited to announce a new update to Workspace ONE Intelligence on December 7th, 2021. The release is publicly available.

  • We've updated the integration of Carbon Black with the Trust Network feature.

    • The integration now provides faster delivery of Carbon Black threat and risk information to Workspace ONE Intelligence. It also includes a new field entitled Threat Event Status that you can use in your Intelligence queries. This field identifies when Carbon Black changes and updates its alerts. 

    • To take advantage of these new capabilities, navigate to the Integrations Dashboard and update the API keys for the Carbon Black integration. For more information regarding this enhancement, access the article Workspace ONE Intelligence Integration Update.

  • In the CVE solution, we've added support for iOS.

  • Users can now group data by different time ranges (daily, weekly, 28 days) in widgets.
    This enhancement enables use cases where the user wants to see data points by larger timeframes such as total bytes received by week or month.

  • KB: https://kb.vmware.com/s/article/87061?lang=en_US


Product team's response to Aha! feature requests (87055)

  • Since our launch of the Aha! feature request portal, we’ve been amazed at the engagement from our customers and partners to put forth new ideas and suggestions. As a product team, it’s been great to hear and engage directly with customers to build the future of Workspace ONE.

  • We get a lot of questions on which ideas are being looked at by the VMware product team, so we’d like to announce a formal commitment on ideas that will get a response: 

  • The VMware product team will provide a response on the top 10 most voted ideas in each top-level category on the Aha! portal. 

  • The top ideas for a top-level category can be viewed by using the ‘Popular’ tab in the Aha! Portal and filtering by category.

  • More info: https://kb.vmware.com/s/article/87055?lang=en_US


Enhanced Carbon Black Integration Update (86394)

  • Behind-the-scenes changes in the way data is shared between Carbon Black Cloud and Workspace ONE Intelligence are being released this week. 

  • Please follow the instructions in the Workspace ONE Intelligence > Integrations card >  UPDATE CONNECTION (shown below) to configure this integration with updated API keys. (For more technical information and configuration instructions - Workspace ONE Intelligence Integration Update: https://developer.carbonblack.com/2021/09/workspace-one-intelligence-integration-update/)

  • The mechanism used to send data from Carbon Black Cloud is being updated to a newer method that will provide faster delivery of Carbon Black threat and risk information, as well as the addition of Alert Change details.

  • The addition of Alert Change details may result in an increased volume of data coming to your Workspace ONE Intelligence environment, though there are no charges for this. You will also see an additional field called “Threat Event Status”

  • To take advantage of these new features follow the provided instructions included in this article: https://kb.vmware.com/s/article/86394?lang=en_US



VMware Techzone, YouTube and Blog Updates


Blog, 3rd Party and Partner Updates


Software Releases December 2021

System

Component

Release

Announcement

Release Date

Backend

Console SAAS

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2111/rn/vmware-workspace-one-uem-2111-release-notes/index.html

07.12.21

Backend

WS1 Intelligence

21.12.07

https://kb.vmware.com/s/article/86321?lang=en_US

07.12.21

Backend

Assist

21.09

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Workspace-ONE-Assist.html

02.12.21

Backend

WS1 Access OnPrem

21.08.0.1

https://docs.vmware.com/en/VMware-Workspace-ONE-Access/21.08/rn/VMware-Workspace-ONE-Access-2108-Release-Notes-On-Premises.html

09.12.21

Backend

Hub Services SaaS

December 2021

https://docs.vmware.com/en/VMware-Workspace-ONE/services/rn/Workspace-ONE-Hub-Services-Cloud-2021-Release-Notes.html#about

09.12.21

iOS

Hub

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Workspace-ONE-Intelligent-Hub-for-iOS.html

14.12.21

iOS

Web

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Web-for-iOS.html

15.12.21

iOS

Content

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Content-for-iOS.html

15.12.21

iOS

Workspace ONE SDK SWIFT

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-SDK-for-iOS--Swift-.html

03.12.21

iOS

Notebook

21.08.1

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-iOS.html

15.12.21

Android

Hub

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Intelligent-Hub-for-Android.html

14.12.21

Android

Boxer

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-Android.html

14.12.21

Android

Web

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Web-for-Android.html

10.12.21

Android

Content

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workpace-ONE-Content-for-Android.html

09.12.21

Android

Notebook

21.08.1

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-Android.html

14.12.21

Android

Launcher

21.10

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Launcher-for-Android.html

06.12.21

Android

SDK

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-SDK-for-Android.html

09.12.21

Windows

Tunnel Win10

2.1.5

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Tunnel-for-Windows.html

13.12.21

Windows

Drop Ship Provisioning bundle

2.0

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/Provisioning_WorkspaceONE/GUID-9CE2ADE1-D73E-4693-812F-4281BEB0EC72.html

06.12.21


Patch & Seed Script Updates Week 50





Comments

Popular posts from this blog

Workspace ONE | Use ADFS as an Identity Provider in Workspace ONE Access with JIT

Configure Shared iPad for Apple Business Manager in Workspace ONE

VMworld Security Recap 2020