VMware EUC Newsletter - Week 44



Weekly highlight:

Workspace ONE UEM Console 2306 - Installer

Upcoming Workspace ONE UEM Change Freeze

  • November Freeze: November 17th, 2023 at 6:00 PM – December 4th, 2023 at 1:00 AM EST
  • December Freeze: December 15th, 2023 at 6:00 PM – January 4th, 2024 at 1:00 AM EST

Horizon Cloud Service next-gen 2310 (Oct 2023) release


  • Horizon Control Plane
    • India has been added as a new region to the Horizon Cloud Service Control Plane that you can select while onboarding to the service. 

Horizon Edge

    • Additional Microsoft Azure VM SKUs have been configured for fallback use when deploying the Horizon Edge Gateway on Azure Kubernetes Service. This allows the deployment to succeed in regions where one or more of the SKUs is unavailable.

Provider Capacity

Desktops and Applications

    • The Pool and Pool Group detail pages now display real-time session data.

Horizon Client

    • Administrators can now configure privacy mode for end users in a VMware Horizon Cloud Service - next-gen environment. With privacy mode enabled, users must authenticate to log into Horizon Client and are redirected to the identity provider (IDP) logout page upon disconnecting from the Horizon Portal or exiting the client.






Upcoming EUC Events 




EUC Customer Success Quarterly Webcast Series

Next EUC Customer Success Quarterly Webcast Coming Soon!

Watch our latest webcasts:
Managing, Automating, and Supporting a Frontline Device Fleet
What’s New with Horizon Cloud Service next-gen and Improving VMware Horizon User Experience with Workspace ONE Intelligence
Windows 10 Multi-User Support for UEM & Revolutionize your IT Environment with Freestyle Orchestrator

Watch all additional previous webcasts On-Demand here.

VMware Digital Workspace Virtual Customer Success Roundtable

Next VMware Digital Workspace Virtual Customer Success Roundtable Coming Soon!

VMware Explore 2023

VMware Explore US

Watch 2023 EUC session replays here. 

VMware Explore Europe 

Barcelona | Fira Gran Via

Register Now

Watch replays from VMware Explore Europe 2022 here. 

6-9 November 2023


Watch On-Demand webcasts here.

Register for upcoming live webcasts here.

Register for Regional VMUG events here.

End User Computing Webinars

Sign up for upcoming webcasts and watch VMware On-Demand webcastshere


Release Updates Week 44: 


Workspace ONE Intelligent Hub for Android 23.10 (staged)

  • Open the Hub FAQ links within Hub: Hub FAQ links now seamlessly open within the Hub app, eliminating the need to launch a separate browser on the device. This is particularly helpful for restricted/Kiosk mode deployments (especially for frontline use-cases) where users are not expected to navigate out of the Hub app.  
  • See OEMConfig and other headless apps: Administrators can now see when an OEMConfig application, like KNOX Service Plugin or Zebra OEMConfig clients, is installed on their devices. By default, Workspace ONE UEM does not collect and display information about installed applications when said apps do not have an icon (AKA "headless apps"). This includes many OEMConfig clients. Administrators can now push a Custom Settings Profile to enable sampling and reporting of headless applications, including the installed version. See How to Enable Sampling of OEMConfig and Other Headless Apps for more information.
  • Support for custom messages for Workspace ONE Mobile Threat Defense: Administrators can now add content to the standard alerts sent to users for policy violations and when threats are detected. The additional content will be presented in Intelligent Hub in the threat details' page. Content can include corporate or legal content additional steps or advice, URLs for Support sites, and other important information.


How to get the Windows 11 2023 Update


VMware Workspace ONE Boxer for iOS 23.10

  • Dynamic text size for email body 
    • Users with vision problems would be able to read their emails without manually zooming in or out them 
    • Email body is resized following the user's device accessibility settings 


Secure Email Gateway 2.28

  • General quality and performance improvements with no new features.



Workspace ONE SDK for iOS 23.10

  • Compromise detection enhancement for iOS 17 false positives. 
  • Allowing apps to customize log levels. 
  • Bug fixes and Stability improvements. 
  • Third party library updates. 


VMware EUC Security Advisories: 

VMSA-2023-0025 - VMware Workspace ONE UEM console updates address an open redirect vulnerability


EUC UX Research Opportunities  

  • Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
  • Interested in giving your opinion and making your voice heard? Check out what’s available!
  • Bonus: We give VMWare swag to Customers who participate (smile) 

EUC Product/Feature


Opportunity Type

Signup Link
(Less than 5 mins)

Horizon Next-Gen (V2)

EUC Design wants to improve the experience when onboarding the new Next-Gen Horizon Cloud Service Console. Whether you’ve partially or fully onboarded, we want to better understand areas of challenge specifically with Pools, Pool Groups, and Entitlements.  

45-minute, 1x1 conversation via Zoom where we will walk through the onboarding flow via a staging environment and discuss the experience. 

Interviews begin the week of Oct 16. SIGN UP HERE

WS1 Assist

EUC Design wants to learn about your helpdesk/servicedesk role and what you like, dislike, and wish could improve in your day-to-day when using Assist.

60-minute, 1x1 conversation via Zoom. 

Interviews + focus groups begin the week of Nov 6. SIGN UP HERE


KB Highlights & Announcements Week 44: 

[Resolved] UM-7930 - Guidance for mitigating CVE-2023-20886 in Workspace ONE UEM (95372)

  • CVE-2023-20886 has been determined to impact Workspace ONE UEM. This vulnerability and its impact on VMware products is documented in VMware Security Advisory - VMSA-2023-0025 .
  • Workspace ONE UEM 2203 and higher
  • This issue is resolved in Workspace ONE UEM 2306. Additionally, the fix is also available as a patch for the following supported releases of Workspace ONE UEM: (see KB for more info)


Autopilot Hybrid Join Best Practices (94477)

  • If you plan to deploy Windows devices with Autopilot Hybrid Join, you should follow the following guidelines. Every other configuration can cause deployment issues, timeouts, or errors.
    • Don’t deploy other resources than Domain Join configuration and VPN application / profile in the customer OG. 
      Devices enrolled via Autopilot, always getting enrolled into the customer OG. If there are other resources assigned to the device, the Autopilot Hybrid Join process might time out.
    • Pre-stage VPN application. 
      If your deployment requires a VPN connection because the end-user is outside the company network, you should consider Drop-Ship Provisioning (Online or Offline) to pre-stage the VPN application. 
      Due to the Microsoft limitations in the Autopilot process, VMware Workspace ONE does not have any ability to wait for the VPN application installation. As soon as the Offline Domain Join blob was applied to the device, the device will reboot. 
  • ... More Best Pratice in KB.


[AGGL-15892] Incorrect Icon displayed for Android Internal Apps in Console (95377)

  • When uploading new Internal Apps to the Workspace ONE UEM Console, one of the following issues is seen:
    • A generic Android icon is displayed instead of the application's icon
    • An incorrect icon image is displayed
  • This issue affects Workspace ONE UEM 2212 and higher.
  • Note: This only affects the icon displayed to the administrator. When the application is installed on a device, the correct icon is shown on the device.



Action Required: Custom 'Workflow Connectors' in Workspace ONE Intelligence Integrations with Incomplete Information Not Supported (95371)

  • Background:
  • In Workspace ONE Intelligence > Integrations, you were able to save 'Workflow connector' Integrations by entering just the name, without critical information. This would result in management overhead of incomplete connectors.
    Hence in Feb 2023, any new custom connector getting created has certain required fields to ensure only valid connectors are getting created.


[AGGL-15952] Profiles fail to load in Workspace ONE UEM Console (95355)

  • In some On-Premise Workspace ONE UEM environments:
    • When an administrator attempts to view or edit Android profiles in the Workspace ONE UEM Console, the page fails to load. MacOS profile may also fail to load in some affected environments
    • The Metadata Transform Service does not start
      • This can be verified by checking Services in the Windows server hosting the UEM REST API application


High Priority KBs 


Recently updated or added KBs (Links) 


Digital Workspace Techzone, Blog and YouTube Updates 


3rd Party Blog Updates & Industry News 



October Software Releases 





Release Date




Release Notes



Console DSAAS


Release Notes



VM Tunnel


Release Notes





Release Notes





Release Notes





Release Notes





Release Notes





Release Notes





Release Notes



Console OnPrem


Release Notes



Horizon Cloud Service Next Gen


Release Notes





Release Notes





Release Notes



Patch & Seed Script Updates Week 44-2023 







  • Workspace ONE UEM 23.02
    • Patch Level
    • AGGL-15899: All internal Android apps uploaded to the console were getting the default Android icon.
    • CRSVC-42773: Navigating to app events displays spaceman error.
    • AMST-39704: BIOS verification status sent incorrectly as a part of Windows security information sample.
    • AAPP-16535: iOS updates no query update status button on Workspace ONE UEM 2302.
    • AAPP-16586: Custom data (key/value) was not retained in the VPN profile (iOS) after reopening the profile.
    • AGGL-15912: Android VPN profile displays "Failed to save profile" error when trying to modify it or add a version to it.
    • CRSVC-42634: Migration tool application migration custom batch.
    • ARES-26761: High latency in purge expired sample data job execution.
    • RUGG-12356: Unable to get the launcher speed lock down feature working.
    • AGGL-15777: Add a new Last Used column to Resource Context table
    • https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2302/rn/vmware-workspace-one-uem-2302-release-notes/index.html#Resolved%20Issues
    • Last Update: CW44


  • Workspace ONE UEM 23.06
    • Patch Level
    • AAPP-16587: Custom data (key/value) not retained in VPN profile (iOS) after re-opening the profile.
    • AMST-39762: Workaround for OEM update profile fails to install on device.
    • ARES-26758: "App already exists with this Organization Group" error message when uploading a duplicate Windows app.
    • ARES-26865: Incorrect records are getting fetched due to ordering of duplicate payload templates.
    • CMEM-186928: Objects not clearing from the memory and causing high memory usage.
    • CRSVC-43006: Some identity certificates are reported as "Cert" type in error.
    • FCA-206261: UEM support for Workspace ONE Role Based Access Control.
    • PPAT-15442: Review and reduce the Tunnel Service Logs generation.
    • UM-8390: Unblock the Auto/Manual syncs during advanced Ldap Sync cycle failure.
    • https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2306/rn/vmware-workspace-one-uem-2306-release-notes/index.html#Patch%20Resolved%20Issues
    • Last Update: CW44