robot
2021.10
false
- Release Notes
- Getting Started
- UiPath Assistant
- Installation and Upgrade
- Robot Types
- Robot Components
- Licensing
- Connecting Robots to Orchestrator
- Processes and Activities
- Logging
- Robot JavaScript SDK
- Specific Scenarios
- Windows Sessions
- Login Using Thales Luna Credential System
- Login Using NShield Key Storage Provider
- Redirecting Robots Through a Proxy Server
- Executing Tasks in a Minimized RDP Window
- Using Mapped Network Drives
- Stopping a Process
- Disable Stop Button
- Custom Package Folders and Network Paths
- CrowdStrike Integration
- Troubleshooting
- Unresponsive Robot Over RDP
- Duplicate Execution Logs
- Frequently Encountered Robot Errors
- Increased Process Execution Duration
- Enforced Package Signature Verification
- Message Too Large to Process
- Errors When Running as Administrator
- NuGet Packages Not Accessible After Migration
- User Access Control Prompt and UI Automation Activities
- .NET6 Projects Fail to Run
OUT OF SUPPORT
Robot User Guide
Last updated Nov 11, 2024
2021.10.4
Release date: 7 December 2021
-
UiPath Assistant desktop application registers a URI handler to allow users to open it for specific links present in web applications. This functionality is used for sign-in, notifications, and error messages.
- An issue was fixed in one command line parameter, the name of the process, which was reflected in the user interface of Assistant. The functionality allowed users to see details regarding the process name which encountered an error; however, it was possible for a malicious web page opening the desktop application to use arbitrary text which was displayed in the user interface of the Assistant.
- A separate issue was fixed in one command line parameter identifying a widget. The functionality allowed users to develop and run Assistant widgets from the command line; however, it was possible for a malicious web page opening the desktop application to inject a remote file location of a widget using a network share.
- The issues are not directly exploitable. They require opening a malicious link and confirming the browser dialog, asking the user to open a custom link with UiPath Assistant.
Additional information on the updates described above can be found on the following links:
More details can be found in the advisory section of the UiPath Trust Portal.
Important: Erratum 16
December 2021: added links to the UiPath Trust Portal advisory for these
issues.
- An issue causing the UiPath Assistant to remain in a suspended state when the session created using Interactive Sign In expires has been resolved.
- An issue where the UiPath Assistant returned an error after setting a keyboard shortcut using special characters such as “Control+shift+¥” has been resolved.
- An issue causing the “Send to Desktop” function to fail has been resolved.
- An issue affecting service mode deployments using NTLM proxy configurations has been resolved.
