9.0.19 Release?

Same here, would like to gt an idea for planning purposes of when the .19 release will be available.

In the vulnerability email from Webroot last week we were told:
 
Within the next week we will also begin release of a new Webroot SecureAnywhere version 9.0.19.xx that,
along with a number of planned enhancements, will also set the registry key automatically.

Exactly what the other user just said, it was said that the 19.x version would be coming out within a week of the 1/3/18 notification so that it would set the registry key automatically to endpoints to allow the installation of the Microsoft patch for Meltdown and Scepter.
 
I was completely relying on this and not us having to deploy commands to change registry entries. If this was not mentioned in that notification I would have planned for our own change deployment.

In the same boat here.  I have been waiting for this to happen as well.  It's not fun telling executives that we need to backtrack on our response and manually add the reg key to a bunch of workstations/laptops/servers.

To add clarity, we have a multi stage release process that runs for around 3 to 4 weeks from beginning to end.  It's set that way to ensure that we're able to get feedback and stop the release in a timely manner if needed.  
 
Jonathan
 
 
 
 
 

So basically it was blowing smoke up our skirts telling us it'd be released last week? Big black eye for WR folks...

@ wrote:
To add clarity, we have a multi stage release process that runs for around 3 to 4 weeks from beginning to end.  It's set that way to ensure that we're able to get feedback and stop the release in a timely manner if needed. 

That's an admirable sysadmin strategy and I understand the reasoning.  But since in this scenario your downstream users are themselves sysadmins responsible to other downstream admins and end-users, I'd prefer if we could be given some control over the process.  In the case of user-interactive steps like approving a new extension in Firefox, you'd be surprised how many of my client contacts want an exact date. 
 
Ideally there'd be an initial or "RC" rollout that we could opt-in or -out of on a per-site basis, or at least be able to give our clients a solid date.  Seems like a rudimentary site-level version-control setting shouldn't be too difficult to implement in the web console (if it's not, the next platform re-design definitely needs to be done with an eye towards greater agility). 

At the moment, the RC stage is a manual opt-in.  You can deploy the RC agent using agent commands to any devices that you want to.  
 
I completely agree that this could be automated and it's something that is sitting on the backlog of stuff to do.  I'll be looking again at it once we've got a couple of major deliverables done.,
 
 
 
 

@ wrote:
At the moment, the RC stage is a manual opt-in.  You can deploy the RC agent using agent commands to any devices that you want to.  
 
I completely agree that this could be automated and it's something that is sitting on the backlog of stuff to do.  I'll be looking again at it once we've got a couple of major deliverables done.,
 
 
 
 

It's also a communications issue, i.e.
1."Within the next week we will begin releasing a new Webroot SecureAnywhere version 9.0.19.xx that, along with a number of planned enhancements, will also set the REGKEY automatically." [from Jan3 community annoucement] 
2. "We’ll be making a series of updates to endpoints under your management starting today. " [Product Updates email 2018-01-17.
3. As of today 2018-01-19 9:30 GMT, I can see no updates in management console, no release notes, no communication in the console apart from a Webthreat shield update alert from Nov 2016.
 
The community is a great resource, but these important product announcements should be communicated separately, direct from within the GSM, with authority and preferably (refererring/linking to) a single source.
 
 
 

The lack of updates in the console, or the ability to simply select from a group machines that need to have the app force-updated is starting to grind on me. It's as if the web console has been completely ignored in terms of updates and feature updates, while the software itself gets stuck at older versions on client machines. This latest failure to communicate when the latest update is supposed to be available highlights the lack of communication between the development team and public relations highlights a serious issue.

Webroot's inability to provide timely updates to it's corporate base is really making me think twice about whether this is the right product for my clients.  It really takes a month to come out with an update to fix a rather critical vulnerability?  How long does it take to come out with an update to a really virulent virus or other malware attack?  My clients seem to always be in the last "pool" to get updated (if such a thing really exists).  We want to get the update as soon as it's available, not sit around and wait for whenever the heck our turn is.  Why can't we just get a download link to the 9.0.19 so we can deply it ourselves? My console "resources" tab still downloads 9.0.18.44.  Sad.

I am pretty surprised at how lax the response has been.
 
Is there even any malware that takes advantage of the exploit yet?  If not, maybe that's the reason why the delivery has been slow.  Maybe the patch from MS is garbage and Webroot is waiting it out?  It's just weird that it's taken this long.
 
I know us tech folks hate hearing complaints especially when we have a lot to do already.  I'm hoping that the exploit is just rare, yet sensational-- that's why it was all over the news and we're all antsy to make sure our checkbox is checked.  I hope that's the case and it's not that Webroot is behind the curve 😞

I'll re-iterate that 9.0.18.xx has always been compatible with MSFT patches for Spectre / Meltdown.  There are numerous, automated methods of setting that reg key which then enables Windows Update to deploy.  
 
We've been balacing quality / stabilty / time and monitoring very closely for any signs of malware attempting to use the defects in Intel CPUs. 
 
You'll be pleased to know that the wait is almost at an end.  We've completed pre-release testing, fixed a couple of defects and the main rollouts should be commencing this week. 
 
Jonathan