KEMBAR78
ReleaseNotes EN | PDF | Transport Layer Security | Computer Security
Scribd
Upload
689 views20 pages

ReleaseNotes EN

Uploaded by

khoihoang0089
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
689 views20 pages

ReleaseNotes EN

Uploaded by

khoihoang0089
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 20

Schneider Electric Software Update

(SESU)

Release Notes

Software Version: 3.0.7


Release Date: July 2024

Internal
www.se.com

Legal Information
The Schneider Electric brand and any trademarks of Schneider Electric SE and its
subsidiaries referred to in this guide are the property of Schneider Electric SE or its
subsidiaries. All other brands may be trademarks of their respective owners.
This guide and its content are protected under applicable copyright laws and furnished for
informational use only. No part of this guide may be reproduced ortransmitted in any form or
by any means (electronic, mechanical, photocopying,recording, or otherwise), for any
purpose, without the prior written permission ofSchneider Electric.
Schneider Electric does not grant any right or license for commercial use of the guideor its
content, except for a non-exclusive and personal license to consult it on an "as is" basis.
Schneider Electric products and equipment should be installed, operated, serviced, and
maintained only by qualified personnel.
As standards, specifications, and designs change from time to time, informationcontained in
this guide may be subject to change without notice.
To the extent permitted by applicable law, no responsibility or liability is assumed by
Schneider Electric and its subsidiaries for any errors or omissions in the informational
content of this material or consequences arising out of or resulting from the use of the
information contained herein.

As part of a group of responsible, inclusive companies, we are updating our


communications that contain non-inclusive terminology. Until we complete this process,
however, our content may still contain standardized industry terms that maybe deemed
inappropriate by our customers.

© 2024 – Schneider Electric. All rights reserved.

Release Notes Schneider Electric Software Update 2 of 20


Table of contents
LEGAL INFORMATION .................................................................................................................................... 2

1 SYSTEM REQUIREMENTS AND INSTALLATION ............................................................................................ 5

1.1 Supported Operating Systems .............................................................................................. 5


1.2 PC Software Requirement .................................................................................................... 5
1.3 PC Hardware Requirement ................................................................................................... 5
1.4 Installation ............................................................................................................................ 6
2 CHANGES .......................................................................................................................................... 7

2.1 Changes brought by version 3.0.7 ........................................................................................ 7


2.2 Changes brought by version 3.0.5 ........................................................................................ 7
2.3 Changes brought by version 3.0.3 ........................................................................................ 7
2.4 Changes brought by version 3.0.1 ........................................................................................ 7
2.5 Changes brought by the version 2.6.5 .................................................................................. 7
2.6 Changes brought by the version 2.6.4 .................................................................................. 8
2.7 Changes brought by the version 2.6.3 .................................................................................. 8
2.8 Changes brought by the version 2.6.2 .................................................................................. 8
2.9 Changes brought by the version 2.5.3 .................................................................................. 9
2.10 Changes brought by the version 2.5.2 .................................................................................. 9
2.11 Changes brought by the version 2.5.1 .................................................................................. 9
2.12 Changes brought by the version 2.5.0 ................................................................................ 10
2.13 Changes brought by the version 2.4.0 ................................................................................ 10
2.14 Changes brought by the version 2.3.1 ................................................................................ 11
2.15 Changes brought by the version 2.3.0 ................................................................................ 11
2.16 Changes brought by the version 2.2.0 ................................................................................ 15
2.17 Changes brought by the version 2.1.2 ................................................................................ 15
2.18 Changes brought by the version 2.1.1 ................................................................................ 16
2.19 Changes brought by the version 2.0.1 ................................................................................ 17
3 BUG FIXES.......................................................................................................................................... 18

3.1 Bugs addressed in the version 2.1.1 ................................................................................... 18


3.2 Bugs addressed in the version 2.0.2 ................................................................................... 18
4 KNOWN ISSUES .................................................................................................................................. 19

5 SECURITY GUIDELINES ......................................................................................................................... 20

Release Notes Schneider Electric Software Update 3 of 20


1.1 Perimeter Hardening .......................................................................................................... 20
1.2 Network Hardening ............................................................................................................ 20
1.3 Workstation Hardening ...................................................................................................... 20
1.4 Organizational Policies ....................................................................................................... 20

Release Notes Schneider Electric Software Update 4 of 20


1 SYSTEM REQUIREMENTS AND INSTALLATION

1.1 Supported Operating Systems


• Microsoft Windows 10 32 Bit / 64 Bit

• Microsoft Windows 11 64 Bit

1.2 PC Software Requirement


This version requires the following system components to run properly:

• Microsoft .Net Framework 4.8

1.3 PC Hardware Requirement

EQUIPMENT REQUIREMENT
Free Hard Disk The software itself needs less than 100 MB, but you need free hard
Space disk space for the downloaded Updates depending on their size.
In the absence of enough free disk space the SESU may notify about
the existence of an update but without being able to download it.
Internet Access This software needs Internet access.

Release Notes Schneider Electric Software Update 5 of 20


1.4 Installation
The product version 3.0.7 can be directly applied as an update for the following installed versions:
• Schneider Electric Software Update 1.0.13
• Schneider Electric Software Update 1.1.0
• Schneider Electric Software Update 1.2.0
• Schneider Electric Software Update 1.3.0
• Schneider Electric Software Update 1.3.1
• Schneider Electric Software Update 2.0.1
• Schneider Electric Software Update 2.0.2
• Schneider Electric Software Update 2.1.0
• Schneider Electric Software Update 2.1.1
• Schneider Electric Software Update 2.1.2
• Schneider Electric Software Update 2.2.0
• Schneider Electric Software Update 2.3.0
• Schneider Electric Software Update 2.3.1
• Schneider Electric Software Update 2.4.0
• Schneider Electric Software Update 2.5.0
• Schneider Electric Software Update 2.5.1
• Schneider Electric Software Update 2.5.2
• Schneider Electric Software Update 2.5.3
• Schneider Electric Software Update 2.6.2
• Schneider Electric Software Update 2.6.3
• Schneider Electric Software Update 2.6.4
• Schneider Electric Software Update 2.6.5
• Schneider Electric Software Update 3.0.1
• Schneider Electric Software Update 3.0.3
• Schneider Electric Software Update 3.0.5

It replaces the previous version on your PC.

The installation of version 3.0.7 requires administrator privileges to start.

Release Notes Schneider Electric Software Update 6 of 20


2 CHANGES
2.1 Changes brought by version 3.0.7
Version 3.0.7 introduces the following fixes and enhancements:

• File sizes will no longer be displayed as negative value.


• Updates are no longer unintentionally marked as “seen”.
• Notification and tray icons are now correctly appearing and opening the SESU UI.

Please see chapters 2.2 to 2.4 for information on all major changes in Schneider Electric
Software Update Client 3.0.X.

2.2 Changes brought by version 3.0.5


Version 3.0.5 introduces the following fixes and enhancements:

• Running the installation in silent mode no longer uninstalls the Schneider Electric FUS and
Schneider Electric SUT Service.
• Improvement of Logging behavior.
• File sizes are now properly shown with binary prefixes.

2.3 Changes brought by version 3.0.3


With this version, the issue that previously hindered specific update installers from running was
resolved.

2.4 Changes brought by version 3.0.1


With this version, the previous backend technology used to request and retrieve updates has
been replaced. This helps to increase security measures and is the basis to support future
functionality. Specifically, it includes measurements to improve the data integrity of retrieved
update information and files.

Important Note for Schneider Electric Software Update Clients (Versions 1.x & 2.x):
The backend supporting our Schneider Electric software update client versions 1.x and 2.x will
soon be discontinued. Therefore, it is necessary to update to version 3.0.1 in order to receive
updates for Schneider Electric software products in the future.

Additional Information:

• The Schneider Electric Software Update Client now supports Windows 11 64-bit systems.
• .Net Framework 4.8 will be required for installation.
• Installations into the root folder of a volume will now create an additional directory instead of
installing all files directly into the root folder.

2.5 Changes brought by the version 2.6.5


This version brings the following improvements:

• Fixed installation and uninstallation issues in supported 32-bit variants of Windows.


• Improved the functionality of the notification banner to indicate that a new version of
Schneider Electric Software Update was installed automatically, even in the case of an error
screen.
• New versions of Schneider Electric Software Update are no longer able to connect to the old
update server.

Release Notes Schneider Electric Software Update 7 of 20


2.6 Changes brought by the version 2.6.4
This version fixes an issue related to unexpected additional dialogs in the installation procedure.
It also fixes an issue that the “SESU has been updated” notification banner was not displayed in
all cases.

2.7 Changes brought by the version 2.6.3


This version was hardened to help increase security. Additionally, the software will inform the
user if a new version of Schneider Electric Software Update was automatically installed via the
"automatic update"-feature introduced in version 2.6.2.

2.8 Changes brought by the version 2.6.2


This version was hardened to help increase security. Furthermore, the third-party components
used by SESU are listed on the “About” page and a new “automatic update”-feature has been
implemented. This can be disabled (Opt-Out) on the “Settings” page:

Release Notes Schneider Electric Software Update 8 of 20


2.9 Changes brought by the version 2.5.3
This version resolves connectivity problems related to the improvement program.

2.10 Changes brought by the version 2.5.2


2.10.1 Resolved cybersecurity issue (CVE-2021-22799)

This version resolves the cybersecurity issue (CVE-2021-22799) involving the proxy credentials
stored in the Schneider Electric Software Update proxy settings.

2.10.2 Notification improvement


Notifications for managed Schneider products can now be moved.

2.11 Changes brought by the version 2.5.1


2.11.1 Cybersecurity issue fixed (CVE-2016-2542)
This version resolves the cybersecurity issue (CVE-2016-2542) related to the installation of the
Schneider Electric Software Update on Windows 7 operating systems. It could be used to gain
privileges in the current working directory and execute malicious code.

Release Notes Schneider Electric Software Update 9 of 20


2.11.2 Adherence to the Federal Information Processing Standard (FIPS)
At the time of its release, Schneider Electric Software Update 2.5.1 meets the Federal
Information Processing Standard (FIPS).

2.12 Changes brought by the version 2.5.0


2.12.1 Address of the Schneider Electric Update server has changed
To enhance cyber security and maintain backward compatibility, Schneider Electric will set up two
Software Update servers in the second quarter of 2020:

• A new primary one which provides all available Software Updates and allows connections
only via security protocol TLS 1.2 and higher.

• A second one running on the old address which still can be reached via TLS 1.0. It does not
allow direct downloads, because they might get attacked under TLS 1.0, and it offers update
notifications only for a small set of products like Schneider Electric Software Update itself or
the Schneider Electric License Managers.

The second one is intended mainly for customers that refresh their PC and install older versions
of Schneider Electric software products, that are not prepared to use TLS 1.2. It will remind the
users to update their Software Update component and their License Managers to keep the update
and licensing services running properly in the future.

The second server will be shutdown sometime in 2020/2021, when the majority of Software
Update users will have migrated towards using this 2.5.0 version.

Version 2.5.0 is the only version of Schneider Electric Software Update that is prepared to
connect to the new Software Update server. Therefore, it is necessary to update to version 2.5.0
as soon as possible in order to receive updates for Schneider Electric software products in the
future.

2.12.2 Addressed Cybersecurity issue


This version addressed a cybersecurity issue that could have potentially allowed attackers to
redirect Schneider Electric Software Update to a malicious update server.

2.13 Changes brought by the version 2.4.0


2.13.1 Security Protocol TLS 1.2 enabled
For cybersecurity reasons, Schneider Electric plans to deprecate the security protocols TLS 1.0
and TLS 1.1 on its web servers in 2020. Other companies like Apple, Google and Microsoft
announced to do the same.

Unfortunately, all previous 2.x versions of Schneider Electric Software Update had only DotNet
Framework 4.0 as target framework and as such did not support TLS 1.2 by default. This new
version 2.4.0 of Schneider Electric Software Update requires DotNet Framework 4.5 and it
explicitly enables TLS 1.2.

It is necessary to install this 2.4.0 version to be able to receive Updates for Schneider Electric
software products in the future.

Release Notes Schneider Electric Software Update 10 of 20


2.14 Changes brought by the version 2.3.1
2.14.1 Addressed Cybersecurity issue
This version addressed a cybersecurity issue that occurred when EcoStruxure Control Expert
was installed on the same machine as Schneider Electric Software Update.

2.15 Changes brought by the version 2.3.0


2.15.1 Hidden Updates
An Update which is not installed stays always visible in the list of Updates. This may be annoying
e.g. for Updates which are proposed for more than one language. Now you can decide for each
Update if it stays visible or if it goes hidden. This is the purpose of the new active sentence:
"Don't show this Update again":

Upon click on "Don't show this Update again", the Update disappears from the tab "Updates".
A new tab "Hidden Updates" is displayed where all hidden Updates are listed. In this tab, you can
now or later decide to show again any single Update by clicking on "Show this Update again":

Release Notes Schneider Electric Software Update 11 of 20


2.15.2 Proxy Settings
An internet connection is required from the Schneider Electric Software Update (SESU) software
in your PC to the Schneider Electric Software Update server when the SESU is checking for
Updates.

Your PC may not have a direct connection to the internet. But your company may anyway have a
PC acting as a router, a gateway or a proxy between your intranet network and the Internet.

In this case, you can now set up the SESU to exchange data with the Schneider Electric Update
server through your company proxy.

For the proxy authentication it is recommended to use the latest password security standards.

Release Notes Schneider Electric Software Update 12 of 20


2.15.3 File size limit for automatic downloads
If you prefer to avoid automatically downloading large update files to your PC, you may now
define a size limit for such downloads.

2.15.4 Simplified change of the display language


In previous versions, changing the display language in the Settings tab only took effect after
closing and reopening the Microsoft Windows session, which was necessary to restart the
Schneider Electric Software Update (SESU) process. Now, you can directly restart the SESU
process within the Language Settings tab after changing the language, so the changes take
effect.

Release Notes Schneider Electric Software Update 13 of 20


2.15.5 Autocorrection of internal local cache corruptions
Schneider Electric Software Update (SESU) keeps an internal local cache to reduce network
traffic. In rare cases this cache gets corrupted and prevents future checks for Updates.

When SESU is now detecting this issue, it is offering the following action to solve it:

2.15.6 Support of Russian and Turkish languages


In this version, the range of available languages for the Schneider Electric Software Update user
interface as well as for its installation has been expanded with Russian and Turkish. The user has
now the possibility to choose between 10 languages, which can be selected:

• Chinese
• English
• French
• German
• Italian
• Japanese
• Portuguese
• Russian
• Spanish
• Turkish

Release Notes Schneider Electric Software Update 14 of 20


2.16 Changes brought by the version 2.2.0
2.16.1 Cybersecurity increased
Additional cybersecurity checks are now performed by Schneider Electric Software Update at
launch time.

2.16.2 Faster detection of newly installed Schneider Electric software products


When another Schneider Electric product was installed on the PC, in earlier versions it took until
the next check for Updates before the product was detected by Schneider Electric Software
Update. Now the new product will be displayed in “Settings/Managed Products” directly after its
installation.

2.17 Changes brought by the version 2.1.2


2.17.1 Support of Japanese language
In this version, the range of available languages for the SESU User Interface as well as for its
installation was expanded with Japanese. The user has now the possibility to choose between 8
languages, which can be selected:

• English
• French
• Spanish
• German
• Italian
• Portuguese
• Chinese
• Japanese

Release Notes Schneider Electric Software Update 15 of 20


2.18 Changes brought by the version 2.1.1
2.18.1 Implicit download of updates
This new feature of „implicit download of updates“ is an answer to the following frequently
expressed concern made by Microsoft customers about the update process of Windows: „I would
like that software updates are more transparent. I would like to have more control over the
moment when updates are installed and that the update requires less local treatment. In short I
would like to have a better autonomy.“.

In Schneider Electric we believe this is a general concern of customers about any type of
software update.

How does this feature operate?


By default, available software updates are now downloaded automatically in the background, and
you are notified about them after completion of the download.
In the previous versions the notification was shown before. And then the user was offered the
choice to either download and then install the update or postpone the update.
Now the user is only offered the choice either install the update or postpone it.

What is the advantage?


The actual time to install an update as perceived by the user is reduced.
This is because the user has no longer to wait until the end of the download before requesting the
update installation.

And what if the user prefers the previous ‚explicit download‘ behaviour?
The previous behaviour is still possible by modifying the category “Download Behaviour” in the
Settings tab.
All other pre-existing features and behaviours have been kept identical.
For instance the distinction between ‚updates‘ and ‚critical updates‘ still applies.

2.18.2 Updates from the Web


SESU can now again propose software updates that can be downloaded from a web page in an
Internet browser instead of from within the SESU interface itself.

This behaviour was implemented in SESU V1.x but not in V2.0.x.

An update from the Web is in most cases an update which is not free of charge.
So, this is usually what is considered a major update or upgrade.

To access the download capability for such an update in the Web page, the user may be required
to enter some credential information.

Release Notes Schneider Electric Software Update 16 of 20


2.19 Changes brought by the version 2.0.1
This version has an improved user interface.

All actions needed to update any Schneider Electric software product installed on your PC can be
performed in one window with only a few mouse clicks.

The software is normally running in the background. When it detects new Updates, you are
informed via a popup notification like:

Under Settings/Notifications you can configure, how often these checks for Updates are
performed (daily, weekly …).

Updates are classified as either ‘critical’ or ‘normal.’ After viewing a normal update in the user
interface, you will no longer receive notifications for it. For critical updates, you can set the
program to periodically remind you with a pop-up notification until these updates are installed.

The section 16.8 of the End User License Agreement (EULA) has been updated following the
latest changes of the Schneider Electric policies.

Release Notes Schneider Electric Software Update 17 of 20


3 BUG FIXES

3.1 Bugs addressed in the version 2.1.1

3.1.1 Uninstall issue of the License Manager on some PCs


The uninstall of the Schneider Electric License Manager can be unsuccessful on some PCs.
This is caused by SESU V2.0.2 running in the background and blocking the “FlexNet Licensing
Service” from being uninstalled.

This bug is addressed in SESU 2.1.1.

3.2 Bugs addressed in the version 2.0.2


3.2.1 File access problem with special characters in username
In case the username in Windows contained special characters like ä or é, SESU 2.0.1 could not
check for Updates and in the log file the following error was reported:

Failed file open. [1,7DF,C,0[73000041,3,400703F3]]

This bug is addressed in SESU 2.0.2.

3.2.2 Proxy Authentication required (Error 407)


Some users could not check for Updates, because they work with a proxy that requires
authentication. In such cases you saw in the Update tab of the main screen the error text

Could not connect to the Schneider Electric Update Server

and in the log file you found:

The remote server returned an error: (407) Proxy Authentication Required.

This bug is also fixed in SESU 2.0.2 by telling the system to use the default proxy credentials
when connecting to the Schneider Electric Update server.

Release Notes Schneider Electric Software Update 18 of 20


4 KNOWN ISSUES

Internal reference Description


66113 In certain situations, the Schneider Electric Software Update Client displays an
unexpected behavior where its tabs appear empty upon switching. This issue
is particularly noticeable in virtual machine environments after resuming them
from sleep mode.

To resolve this issue, users can minimize the Schneider Electric Software
Update Client and then reopen it to make the content visible again.

Release Notes Schneider Electric Software Update 19 of 20


5 SECURITY GUIDELINES
To help improve the security of your processes and data, follow these guidelines.

1.1 Perimeter Hardening


• Configure access controls including file, directory, and network share permissions with the
least privilege.
• Ensure all other cyber defenses are up to date.
For detailed information, see the Schneider Electric Industrial Cybersecurity Services website:
https://www.se.com/ww/en/work/services/field-services/industrial-automation/industrial-
cybersecurity/industrial-cybersecurity.jsp

1.2 Network Hardening


• Use router ACLs to limit TCP ports and traffic to only where needed.
• Use host-based firewalls to limit communication on TCP ports, especially between
workstations.
• For additional recommendations on how to help improve network hardening refer to this
Cybersecurity System Technical Note:
https://www.se.com/ww/en/download/document/STN%20v2/?searchSource=guided

1.3 Workstation Hardening


• For software from Schneider Electric installed on your PC, always apply updates flagged as
Critical within the Schneider Electric Software Update (SESU).
• Always apply Schneider Electric software fixes and patches from legitimate sources.
Schneider Electric regularly posts security notifications and updates to address known
vulnerabilities.
For more details on vulnerabilities and patches, visit Schneider Electric Cybersecurity Support
Portal: https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp
• Keep your machine up to date by installing operating system patches and antivirus/anti-spam
software latest updates Regularly apply Windows Security Updates.
• Confirm you have up-to-date backups.

1.4 Organizational Policies


• Enable strong spam filters to help prevent phishing e-mails from reaching end users and
authenticate inbound email.
• Inform and educate your employees to identify scams, malicious links, and social engineering
attempts.
• Disable macro scripts from Microsoft Office files transmitted via email.

To obtain assistance on how to help protect your installation, contact your local Schneider Electric
representative.
For more information, refer to Schneider Electric’s Recommended Cybersecurity Practices:
https://www.se.com/ww/en/download/document/CS-Best-Practices-2019-340/
To submit a cybersecurity question, report security issues, or get the latest news from Schneider
Electric, visit the Schneider Electric Cybersecurity Portal:
https://www.se.com/ww/en/work/support/cybersecurity/vulnerability-policy.jsp

Release Notes Schneider Electric Software Update 20 of 20

You might also like