Updated my on-prem server & clients to 26.3.11.9650 - can no longer use the arrow keys to move between clients. We often need to check info on hundreds of clients, and having to click each client individually to switch between them is a major time drain.
Once again, we walked into the office this morning to find yet another surprise overnight update to our cloud-hosted ConnectWise stack—and yet another round of broken tools.
This time, Automate got hit. The unexpected release is causing Microsoft Defender to completely block the Solutions Center from opening, flagging it as Trojan:Win32/Supma.A.
This comes right on the heels of the absolute nightmare from the last fortnight, where we've been battling Defender nuking active ScreenConnect Agents after that botched update (the one they finally halted rollouts for because it was wiping out working deployments as Trojan:Script/Wacatac.C!ml). We are still fighting that fire, and now this.
Seriously, when will ConnectWise release a patch for the tools we pay them to host that doesn’t break existing functionality or silently yank features? No advance warnings, zero communication during the fallout, and non-existent support when we're left trying to piece our environments back together.
Is everyone else just writing global exclusions at this point, or has anyone actually managed to get a straight answer out of support?
Thanks! Seems like ConnectWise is on a mission to destroy every part of my workflow. Just upgraded to v 26.3.11.9650 on premises (was previously on 26.1.22.9573).
Public Sessions are Disabled… Can no longer make any session public. The “Listed Public Sessions” and “Legacy Public Session Creation” extensions, no longer function.
These changes were NOT documented in ANY of the release notes!
When I create a new certificate version in Azure Key Vault, does ScreenConnect continue to use the old certificate version until I update the Code Signer URI, or does it switch automatically?
My cloud upgrade path is on "delayed stable" specifically so that it's always on the most stable version available.
This is to avoid being affected by post-release bugs and status rollbacks (stable -> preview) which are happening more often now.
But v26.3.11.9650, which has only just been released after many minor versions and status rollbacks, is already classified as "delayed stable"? It hasn't even been out for a week yet, how do we know it's stable?
Delayed stable version should at least go in proper sequence, v26.1 -> v26.2 -> v26.3. Why 26.2 is still on "Preview" baffles me.
Hi all - received a deluge of alerts this morning from MDE across a few client systems and I think it was an update file related to Screenconnect. Did anyone else experience this today? It appears to be a false positive but I wanted to check with other folks. Goes without saying that my cloud instance was not compromised in any way, so I assume this is something related to an auto-update of the client.
Am I the only one that noticed over the course of 3 years the file transfers with on prem server have slowed to a crawl? I've rebuilt the server from Server 2016 to 2019 with the same issue.
Did anyone lose connections to their endpoints? Looks like after upgrading to 26.3.9.9638 - that's the last version showing in my console. Multiple systems I can no longer access. Just MS-AV on the endpoints as well.
Are we the only guys whose ScreenConnect instance doesn't come up? Nothing - just a blank screen.
Our org is currently on version 26.1.18.9566
SC Latest version from the Admin portal is showing 26.2.4.9623
SC Latest version showing on Release information is 26.3.7.9636
So far everyone is not having any major issues with 26.1 outside of the Copy/Paste bug that crashes the sessions.
26.3 was reported to be fixing it but theres bugs reported on SC release page that says its still occurring.
For anyone who has already upgraded to 26.2 or 26.3, there any negative or positive feedback on if we should proceed with upgrading or wait until the bug is properly resolved?
Hello,
Anyone getting Pomal malware alerts from Defender on ScreenConnect? Defender started flagging our own ScreenConnect instance a few minutes ago and I’m curious to see if anyone is experiencing the same.
It seems like this extension was pulled and gutted with a vengeance possibly on May 29th; if so, I am making the assumption that the reason is due to the recent attacks discovered that were using these fields... I'm really just hoping to find out whether I am crazy, or if anyone can confirm. The official documentation was populated a couple of weeks ago, but as of last week, the page is totally blank but for it's title and last updated date!
Edit: The attack I'm referring to, is described in this May 26 post HERE.
This started last week:
Doesn't matter whether Backstage or Remote Access, this stays on the portal screen until I click it closed.
Happens in both Firefox and Chrome.
Has anyone else experienced this, or is my browser environment fubar?
Thanks!
