We are excited to share, that we've reached GA for Web Help Deskv12.5.2

 

This service release includes:

 

Clickjacking protection

This release prevents malicious code from redirecting a hyperlink in the Web Help Desk user interface to an unauthorized third-party website or resource.

 

Secure password reset logic

After you click Forgot Password on the Log In screen, Web Help Desk verifies your current email address and redirects you back to the application using a secure connection to reset your password.

 

Improved LDAP security

Web Help Desk now prevents unauthorized LDAP client account users from logging in to an LDAP tech account with an identical user name. In v12.5.1 and earlier, WHD had 2 ways to handle LDAP authentication. One for techs and one for clients. After you install this release, the tech LDAP authentication functionality is removed, and every tech, who used this functionality will have his WHD password reset, and will also receive an email with steps to log in to WHD.

See Unauthorized clients can log in to a Tech account using LDAP authentication for details.

Before you install this upgrade, ensure that all techs have client accounts (authenticated through LDAP) linked to their tech accounts. Also ensure, that the tech username is not the same as any of the client's usernames. After the upgrade, all techs must access their tech account through their client account, or using the WHD tech username and WHD password (which can be reset using the secure password reset logic).

 

Updated Apache Tomcat

This release supports Apache® Tomcat® 7.0.82 for improved security. See the Apache Tomcat website for details.

 

Notabe fixed issues

Tickets linked to a survey now close properly after you change the status to Resolved.

The Office 365 connector now supports subfolders.

Tickets restricted to a location group can no longer be accessed by users in another location group.

 

We encourage all customers to upgrade to this latest release which is available within your customer portal.

Thank you!

SolarWinds Team