Host Access Management and Security Server - Release Notes

January 2022

Host Access Management and Security Server (MSS) 12.8.1 released January 2022.

What's New

Management and Security Server 12.8.1 released with Host Access for the Cloud 2.7.1.

All MSS releases are cumulative, and contain the features introduced in earlier releases. For previous versions, see MSS Documentation.

Features and Fixes

• Log4j library was upgraded to version 2.17.1 to mitigate multiple CVEs. (12.8.1)

• Documented how to run MSS as a dedicated, non-adminstrative, user. (12.8.1)

• MSS Documentation has been converted to Markdown. (12.8.1)

• TLS 1.3 is supported and enabled. Clients that do not yet support TLS 1.3 will fall back to TLS 1.2. (12.8)

• Windows Authentication - Kerberos is available for end users launching HACloud sessions via the session server or Reflection Desktop when configured for centralized management. (12.8)

• Management and Security Server (MSS) has been made more secure by using only HTTPS. (12.8)

• Communication from the Security Proxy to MSS when exporting settings has been upgraded to HTTPS. (12.8)

• Rumba+ Desktop 10.1 SP1 (or higher) sessions may now be launched from the Assigned Sessions list. (12.8)

• If the Metering administrator password is forgotten, you can easily reset it to the Administrative Console password. (12.8)

• You can add Subject Alternative Names to certificates while installing HACloud and MSS. (12.8)

Changes in Behavior and Usage

• Due to Microsoft continuing to retire Internet Explorer 11, our ability to resolve IE 11 browser-specific issues will be limited after June 2022. We will continue to support IE 11 on versions of HACloud that currently support it, based on the Product Support Lifecycle, but will be removing support for IE 11 in MSS 14 and greater. (12.8.1)

• MSS now uses HTTPS exclusively to increase security. HTTP has been disabled on all endpoints.

  NOTE: In upgrades, where clients had been configured to access Metering or the Terminal ID Manager over HTTP, those clients must be updated to use the HTTPS port. The MSS Certificate also needs to be imported to the appropriate certificate / trust store, if not already done. (12.8)

• TLS 1.0 and TLS 1.1 have been removed. Both TLS 1.2 and TLS 1.3 are available. (12.8)

Known Issues

If you encounter these or other issues with Management and Security Server, contact Micro Focus Support.

Note

With the addition of Windows Authentication - Kerberos, support for NTLMv2 will be removed in an upcoming release.

Contacting Micro Focus

Check these online resources.

• MSS Security Updates -- contact Micro Focus Support

• MSS Product Documentation

  - MSS Installation Guide

  - MSS Administrator Guide (online Help)

• Product information, including the MSS Add-On products and a Free Trial link

• Support Resources, including Knowledge Base articles

For specific product issues, contact Micro Focus Support.

Legal Notice

© Copyright 2022 Micro Focus or one of its affiliates

The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.