Our teams are working on this as highest priority. We couldn’t reproduce the issue yet on our test machines. Support team are asking for remote access permission to fetch necessary information.
It will be really helpful if you can give permission to do remote connection on one of the problematic endpoints
@smartcloud, moving forward I suggest you set your CCS version to a specific stable version instead of ‘latest’ and before updating all clients you push the latest release to a very small number to test. As an MSP, when a new version of CCS is released, we update our own workstations, then a couple of weeks later a small number of customers’ machines. It tends to be 4+ weeks after release that we start pushing out the update to a greater number of customers’ machines en masse. After we have updated a large number, we then change the default CCS version and all other machines will auto update.
I have a good news for this issue, we had reproduced the issue and fix is ready. We will run QA and if everything is ok, we will share it customers to confirm the solution early next week.
To downgrade, re-install is the only option at this point.
The biggest issue we have had this month has been with the Microsoft updates. KB5001649 should be a mandatory critical update and not an optional one as Microsoft has made it out to be.
We were able to address this issue with CCS by assigning temporary profiles to effected endpoints that disabled auto containment until a fix comes out. We will remove the temporary profile as soon as we get confirmation that the fix is released and working.
Our clients understand that updates to various software platforms is a complicated matter. The March 2021 Microsoft update addressed two zero day exploits but broke printer functionality for OEM print drivers in the process of patching the exploits. Our job is to resolve these issues as rapidly as possible and establish plans to prevent such foreseeable issues moving forward.
For CCS that will mean turning off the “latest version” setting and waiting a few weeks before deploying the latest CCS, given how critical CCS’s role is with the endpoints we manage and monitor. We will wait until the fix is released to do that as we very much want that fixed version deployed ASAP to all effected devices. For Microsoft, we are going to be looking at the Patch Management in ITarian and may consider gong to an approval based system on security patches moving forward rather than deploying them as soon as Microsoft releases them, wrongly assuming Microsoft has tested for every potential issue that could arise across millions of devices with billions of possible variables at play.
It’s not fully tested until it hits a production environment and something breaks, or doesn’t.