Blue Prism 6.10.5: August 2022

The table below summarizes the components that relate directly to this Blue Prism Enterprise release.
Database |
468 |
This release requires the Blue Prism database to be this version. |
Login Agent |
6.10.5 |
There have been no functional updates to the Blue Prism Login Agent. The version of Login Agent that is provided with this release of Blue Prism has the same functionality as the version provided with Blue Prism 6.7. |
Browser extensions |
6.10.5 |
For the latest compatibility information, see the browser compatibility matrix in the Blue Prism online help. |
Authentication Gateway |
1.0 |
Authentication Gateway version 1.0 must be installed to use Authentication Gateway with Blue Prism 6.10.5. Download the installer from the Blue Prism Portal – select Product > Blue Prism Enterprise > Extras. |
Data Gateways engine |
1.3/1.4 |
The Data Gateways engine version 1.3 or 1.4 (recommended) must be installed to use Data Gateways with Blue Prism 6.10.5. Download the installer from the Blue Prism Portal – select Product > Blue Prism Enterprise > Extras. |
Applying this patch release
To upgrade to this version, this patch release must be applied to all the following components throughout your Blue Prism environment for it to be operational:
Interactive clients | Runtime resources | Application servers |
---|---|---|
Yes |
Yes |
Yes |
Please review the
Known issues
A list of any prominent issues with this release is maintained in the knowledge base – click here for more information.
Secure development policy
Blue Prism’s secure development process is a market-leading, embedded security culture, focused on delivering security excellence through four key principles:
- Education – Providing up-to-date knowledge, information, and training to the development team.
- Evaluation – Regular reviews of our products using industry standard frameworks and security tools.
- Elimination – Remove potential threats through the evaluation of standards, compliance, and performance.
- Evolution – Continued improvement of our security program, ensuring alignment with our product technologies and by reacting effectively to new and emerging threats.
Blue Prism secure development is based on OWASP ASVS, ISO 27034 and GDPR Article 25 standards and practices. For more information, see Blue Prism's comprehensive secure development process.
Enhancements
Description of change |
Reference |
---|---|
The following enhancements have been made to the browser extensions functionality:
For more information, see the upgrade notices and the |
BP-9806 BP-7159 (BP-7541) BP-9025 BP-10661 BP-10663 |
The following enhancements have been made to the Blue Prism connection configuration functionality:
Please consult with your security team before enabling this option as NTLM is considered a less secure protocol. For more information, see the Blue Prism Enterprise installation guide. |
BP-8773 BP-8918 |
Fixes and minor improvements
Description of change |
Reference |
---|---|
An issue has been fixed for Blue Prism environments that use both multi-team environments (MTEs) and resource pools. In MTEs, sessions from resources in a resource pool in a restricted group can no longer be viewed in Control Room by users without appropriate permission. The access rights applied to a group now apply to all items, including pools and any child groups and their contents, so only users with relevant process and resource pool permissions can see restricted sessions. For additional information about MTEs and resource pools, see Multi-team environments and Resource pools. |
BP-8890 |
Various security improvements around server permissions and communication have been made in this release. The following Common Vulnerabilities and Exposures (CVEs) have been addressed:
For details of these CVEs, see Security Vulnerabilities August 2022 on the customer portal. |
BP-10244 |
An issue has been fixed where, when working with application elements using the Match Index attribute and the value of this index was greater than 0, the Java changes introduced in 6.10.3 by BP-5099 could cause intermittent crashes of Java applications that were automated using the Java Access Bridge spy mode. |
BP-10711 |
When executing a process against a 64-bit Java application, an error triggering the message Arithmetic operation resulted in an overflow no longer occurs when automating data in Java tables using the Get All Items action.This has been fixed by updating the conversion mechanism so long values are converted to integer values. |
BP-3786 |
The security of the existing browser extensions using Manifest V2 has been improved by removing several permissions that were not required. |
BP-10649 |
Control Flow Guard (CFG) has been activated for unmanaged code projects in the Blue Prism Automate application, such as C++ and Activator (32-bit and 64-bit) projects, in line with information security industry standards. |
BP-9228 BP-9226 BP-9648 |
All DLL files included in the Blue Prism Automate application are now digitally signed in line with information security industry standards. |
BP-9298 |
An error no longer occurs during the GetEffectiveRunMode call when the same process is configured to be run by multiple runtime resources at the same time using concurrent schedules. |
BP-9185 |
Browser extension versions
The table below shows when each Blue Prism extension, compatible with this release was introduced. For details of the latest browser versions Blue Prism is tested against, see the Browser extension compatibility matrix.
Browser | Blue Prism extension versions | Date available | ||
---|---|---|---|---|
Chrome |
|
16 August 2022 | ||
Edge Chromium |
|
16 August 2022 | ||
Firefox |
Manifest V2: |
16 August 2022 |