Kaspersky Security Center 10 Service Pack 2 (version 10.3.407): Patch B
Download the latest application version
Click Download to go to the page with the installer for the latest version of Kaspersky Security Center 10.
Patch B for Kaspersky Security Center 10 Service Pack 2 was released on February 2, 2017. Patch B is cumulative and includes all of the fixes from patch A.
Patch B includes the following:
- Patch for Administration Console (patch_10_3_407_console_b.zip), that must be installed on a computer with Administration Console installed without Administration Server.
- Patch for Network Agent (patch_10_3_407_nagent_b.zip) that must be installed on a managed computer with Network Agent installed without Administration Server.
- Patch for Administration Server (patch_10_3_407_server_b.zip), that must be installed on the computer assigned to act as Administration Server. This component includes patches for Administration Console and Network Agent.
Fixes and improvements
- Improper functioning of the Daily scheduled task after adjusting the time settings due to DST.
- Incorrect display of the application installation history in the applications registry on the device.
- Improper functioning of the request inversion during a search for devices by presence of Network Agent installed.
- The error, which caused messages like “Database error occurred: #1950 (1292) Generic db error: "1292, 'Truncated incorrect CHAR(2) value: ''” to appear sometimes in Kaspersky Event Log if you used MySQL as the database management system (DBMS) for the Administration Server.
- The error caused the size of backup data copies to be extremely large in some cases.
- The error caused regular tasks of managed applications for device selections to fail to run upon a schedule sometimes after you restarted the Administration Server service.
- The error displayed as “Loading Windows Updates task: unexpected error. #1573 (4) [MS-WSUSSS]  Error 4 has occurred” or “Loading Windows Updates task: unexpected error. #1573 (4) [MS-WSUSSS]  Error 5 has occurred”, which might terminate the Perform Windows Update synchronization” task if Kaspersky Security Center was used as Windows Server Update Services (WSUS).
- The error, which caused the Kaspersky Security Center Administration Server service to fail to run after Administration Server was upgraded or restored from a backup copy, if you deleted the device selection on which the task had been created.
- the update download error, which occurred if all the application categories (all the check boxes) were selected in the Application categories section of the Perform Windows Update synchronization task. That is, all categories except the drivers category (Drivers check box cleared).
- Installation of Windows updates and Windows Update Agent crash that occurred when Kaspersky Security Center was used as WSUS on devices running Windows 10 Redstone.
- Problems affecting the connection between Administration Console and the Administration Server under some specific network conditions.
- Random distribution of downloaded updates among Network Agents.
- The failure, which sometimes occurred during a connection to the primary Administration Server if a large number of secondary Administration Servers were in use.
- Improper functioning of Administration Console, which occurred when traffic restriction features were used.
- Administration Console crash, which occurred when the list of application updates was viewed in the applications registry on the device.
- Random appearance of devices that had been deleted from the Administration Server, which might occur even if Microsoft network scanning was disabled.
- Incorrect display of the Active Directory structure in Administration Console, which might occur if Active Directory organizational units (OUs) were re-created.
- Regular appearance of a message in Kaspersky Event Log, which reported of the completion of an Active Directory scan on the Administration Server, and the appearance of icons of devices that had been deleted, which occurred when Active Directory scanning was disabled.
- The errors of key export and automatic key distribution.
- Emergency restart of the Administration Server under a few hundred of update agents scanning the Microsoft network simultaneously.
- The link from the Unknown status on the Real-time protection statuschart, which redirected to a blank list of devices if a cluster was used.
- the cyclical relocation of devices back to their corresponding administration groups, which was conditioned by a moving rule even if those devices were previously moved to the “Unassigned devices” group due to an access timeout.
- The “Illegal operation attempted on a registry key that has been marked for deletion” error that might be returned by the “Backup of Administration Server data” task.
- The “Connection gateway address” field whose value was ignored if the “Use to receive updates only” check box was selected in the Network Agent connection profile.
- 4-hour delay in receipt of a list of currently active update agents by a device, which occurred if that device was moved from one administration group to another.
- Display of network traffic details in the workspace.
- Processing errors with Cyrillic names in update files.
- Possible blocking of synchronization of network lists in Network Agent (for example, list of installed applications or list of executable files).
- The “access denied” error returned by Remote Diagnostics Utility when you attempted to connect to a device through the Administration Server if that device did not connected to the Administration Server directly but through an update agent in connection gateway mode instead.
- The “Download updates to the repository” task, which started on the primary Administration Server instead of starting on the cluster.
- The error returned in Kaspersky Event Log after installation of a reserve license through automatic distribution, if the active license of the managed application was received from a source other than Kaspersky Security Center.
- the display of the security application for Android in the “Protection version” column on the “Devices” tab of the “Managed devices” folder.
- Incorrect display of an administration group from which a policy was inherited.
- Switching of the policy status when “Out-of-office policy” was selected.
- Generating of unexpected audit events.
- Random crashes and unstable operation of the KSN proxy server under certain conditions.
- The error, which occurred during the upgrade to version 10 Service Pack 2 and returned a message in Kaspersky Event Log displayed as “An explicit DROP INDEX is not allowed on index 'Hosts.Hosts__nId'. It is being used for FOREIGN KEY constraint enforcement.' LastStatement='EXEC upgd_col_to_bigint 'Hosts', 'nId';”. This error might occur when some SQL configurations were used as database management system (DBMS) for Administration Server.
- The delivery of a list of devices to all devices in a task scope when tasks for specific devices were run, stopped, or modified manually.
- Incorrect processing of superseded updates for devices running Windows 8.1, if Kaspersky Security Center was used as WSUS.
- Non-display of some vulnerabilities fixed by Microsoft updates in the general list of vulnerabilities.
- Improper operation of the Copy/Paste command in the Tasks folder.
- Lengthy delays (one hour or longer), which occurred during activation of policy profiles according to automatic tagging rules.
- Device shutdown after task completion.
- Termination of a client connection by the Kaspersky Lab activation server service and the activation stop during co-operation with some proxy servers with NTLM authentication enabled.
- Update of the Protection_BasesDate variable in the Registry by a Network Agent using the “Not connected” profile for connection to the Administration Server.
- Impact of the SrvUseStrictSslSettings check box on support of up-to-date SSL security protocols.
- Protection deployment report, which might lack some data from secondary Administration Servers if the “Transfer detailed information from slave Administration Servers” check box was selected.
- Random crashes of the Kaspersky Security Center 10 Administration Server service, which occurred when Kaspersky Security Center 10 Web Console was used.
- Improved operation of the update download and vulnerability fix functionality.
- Regular publications of the task stop event during a certain time interval after the “Find vulnerabilities and required updates” task was forced to stop, whose length depended on the Administration Server load.
- Generation of abnormally large amounts of traffic by a Network Agent acting as update agent, if the update agent mode was disabled for it during a Microsoft network scan.
- Transmission of corrupted data to devices during a simultaneous synchronization of multiple iOS devices. In this case, information about template tags was deleted from the policy of Kaspersky Endpoint Security for Android, which caused the transmission of %mail% tags and further deactivation of configurations on devices.
- Memory leakage in the klakaut.exe process.
- Messages with Cyrillic symbols sent in ArсSight.
- Improved use of encryption keys created in the previous version of Kaspersky Security Center.
- The operating system name displayed for Microsoft Windows Server 2016 in the hardware registry.
- File downloading from a standby update agent.
- Optimized load on the CPU by Network Agent when the Administration Server is not available and remote installation tasks are active.
- OpenSSL is now upgraded to 1.0.1u.
- The importance level is now changed to “Functional failure” for events c_szwLogSslHandshakeFailed and c_szwLogAuthFailed.
To install patch B, perform one of the following actions:
- Run the executable file of the patch.
- In silent mode (e.g., when distributing via Kaspersky Security Center), the patch must be run with the command line key –s.
How to check whether the patch is installed
View the report
You can check if the patch was installed through the report on the versions of Kaspersky Lab applications . To do this, create the report with the Updates installed field:
- Open the report’s properties.
- Go to the Details section.
- Click Add.
- Select Report field name → Updates installed.
- Click OK.
Information about the installed patch will be displayed in the Updates installed field of the report.
Compare file versions
For Administration Console:
- In the Administration Console installation folder, the version of the klakaut.exe, klakcon.dll, klaklocpar.dll, klcssrvp2.dll, klcsstd2.dll, klcstr2.dll, and klsrvplg.dll files changes to 10.3.6007, while the version of the klcskca2.dll file changes to 10.3.6013, and the version of the kllibeay.dll and klssleay.dll files changes to 10.0.0.10.
- No errors are logged into the Kaspersky Event Log.
For Network Agent:
- In the Network Agent installation folder, the version of the klcsstd2.dll and klcstr2.dll, and Up2Date.exe files must be 10.3.6007, while the version of the HWiNFO32.dll file changes to 184.108.40.206, the version of the klcskca2.dll file changes to 10.3.6013, and the version of the klcsnagt.dll file changes to 10.3.6017.
- No errors are logged into the Kaspersky Event Log.
For Administration Server:
- In the Administration Server installation folder, the version of the klakaut.exe, klakcon.dll, klaklocpar.dll, klbackup.exe, klcssrvp2.dll, klcsstd2.dll, klcstr2.dll, kldb_mssql.dll, kldb_mysql.dll, klserver.exe, klsrvplg.dll, ksnproxy.exe, and Up2Date.exe files changes to 10.3.6007, the version of the HWiNFO32.dll file changes to 220.127.116.11, the version of the klactprx.exe and klcskca2.dll files changes to 10.3.6013, the version of the klksncore.dll file must be 10.3.6006, the version of the klcsweb.exe file changes to 10.3.6014, the version of the kllibeay.dll and klssleay.dll files changes to 10.0.0.10, the version of the klcsnagt.dll file must be 10.3.6017, and the version of the klcssrv.dll file changes to 10.3.6019.
- No errors are logged into the Kaspersky Event Log.