We will be upgrading all MOVEit Cloud servers on November 15th to Transfer 2020.1.
2020.1 release notes for the upcoming MOVEIt Cloud upgrade:
MOVEit Transfer 2020.1 features numerous customer and partner-requested fixes.
Download folders as zip in MOVEit Transfer web app
ADFS 4.0 and 5.0 Support
Mobile and Desktop Client Single Sign-on
RESTful API Improvements
ID Category Fixed Issue
* 4364 SSH Module Fixed issue where after upgrade from 2019.2, the SSH server reported a fault, possibly due to server load.
* 5237 Legacy Uploader Fixed issue where if you turn off the new uploader and opt for the legacy uploader (pre 2019.2), MOVEit Transfer blocked the upload based on X-Forwarded-For header leveraged to identify proxy traffic.
* 7027 Security Fixed SSRF vulnerability where an authorized admin user could view recently-downloaded filenames.
* 7065 Security Fixed X-FRAME-OPTIONS setting to ensure security best practices when handling HTML frames.
* 7167 HA Service Fixed small memory leak.
* 8683 (382921) Security Fixed a security error that could allow an authorized user to view another user's default directory, under certain unusual circumstances.
* 4213 WebUI Fixed issue where downloading a saved report file using the WebUI could result in a partial copy of the file (and fail file validation).
* 4740 WebUI Fixed issue where GroupAdmins could grant Folder Sharing permissions to a Regular User, but at a later time the UI did not provide controls to remove the privilege.
* 11537 WebUI Fixed issue where typing in Create User As a Clone of field failed to auto complete with a list of current users to clone from.
* 6067 Admin Guide Fixed issues and updated Settings > Security Policies > Password topic in Administrator Guide.
* 4159 (12239) Download Fixed case where file not downloaded when at the same time the platform allowed filenames comprised of quotation mark characters.
* 5316 Security Resolved file information disclosure that could be possible when certain folder inheritance settings were met.
* 11540 Ad Hoc Message/security Fixed case where script tags need to be removed from Ad Hoc messages.
* 11644 Logging/WebUI Fixed issue where blank log entry is written after blank client key is uploaded.
* Please note that the test server has already been upgraded to the new version, so customers who've purchased a test server Org can start their testing.
Oct 20, 07:32 CDT
We will be upgrading all of the MOVEit Cloud servers on November 15th to Transfer version 2020.1, so please plan on these servers to be unavailable for all of the maintenance window.
Dec 2, 09:20 CST
We will be patching all of the MOVEit Cloud servers and expect there to be minimal downtime for this maintenance window while servers are patched and rebooted.
Dec 2, 09:21 CST