robot
2021.10
false
UiPath logo, featuring letters U and I in white
OUT OF SUPPORT

Robot User Guide

Last updated Nov 11, 2024

2021.10.4

Release date: 7 December 2021

Improvements

  • Different JIT optimization profiles are now used for different processes.

Security Update

  • UiPath Assistant desktop application registers a URI handler to allow users to open it for specific links present in web applications. This functionality is used for sign-in, notifications, and error messages.

    • An issue was fixed in one command line parameter, the name of the process, which was reflected in the user interface of Assistant. The functionality allowed users to see details regarding the process name which encountered an error; however, it was possible for a malicious web page opening the desktop application to use arbitrary text which was displayed in the user interface of the Assistant.
    • A separate issue was fixed in one command line parameter identifying a widget. The functionality allowed users to develop and run Assistant widgets from the command line; however, it was possible for a malicious web page opening the desktop application to inject a remote file location of a widget using a network share.
    • The issues are not directly exploitable. They require opening a malicious link and confirming the browser dialog, asking the user to open a custom link with UiPath Assistant.

Additional information on the updates described above can be found on the following links:

More details can be found in the advisory section of the UiPath Trust Portal.

Important: Erratum 16 December 2021: added links to the UiPath Trust Portal advisory for these issues.

Bug Fixes

  • An issue causing the UiPath Assistant to remain in a suspended state when the session created using Interactive Sign In expires has been resolved.
  • An issue where the UiPath Assistant returned an error after setting a keyboard shortcut using special characters such as “Control+shift+¥” has been resolved.
  • An issue causing the “Send to Desktop” function to fail has been resolved.
  • An issue affecting service mode deployments using NTLM proxy configurations has been resolved.
  • Improvements
  • Security Update
  • Bug Fixes

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.