Kaseya Patch Progress
Kaseya reports that it has released a patch for VSA on-premises customers and has deployed the fix to its VSA software-as-a-service (SaaS) infrastructure. While the VSA SaaS update was complete by 8AM ET on Monday, July 12, Kaseya performed ”unplanned maintenance” across its SaaS infrastructure later that afternoon to address performance issues caused by so many users coming back online at the same time. That maintenance was complete as of 3:30 PM ET on July 12.
The patch does alter some of the VSA module's functionality. Read Kaseya's documentation for details. Kaseya published a hardening guide for on premise customers to go with the patch. It strongly recommends to first verify that the system is not already compromised, and Kaseya does offer links to tools to assist. Users will need to reset passwords after applying the patch.
Restarting services after an outage is tricky and requires planning, practice, and communications to prevent a crash or other denial of service. While you have plans for limited scope maintenance outages, have you looked at what happens if you had to turn everything off and on? If you’re using dynamic scaling, do you have a sufficient minimum level of services before turning the entry point (typically a load balancer/WAF) on? Did you remember to include the state of supporting services? Now that you’ve got that figured out on-premise, talk to your cloud and outsource providers about what their plans are and how it impacts your users.
Read more in
Kaseya: Important Notice July 12th, 2021
The Register: Kaseya claims SaaS restoration going swimmingly