In Security Advisories 44503, Pulse Secure advised us all to upgrade previous Windows Client 9.1R5 and older (such as 5.3R7.1, 9.0R4, 9.1R3.1) to 9.1R7 to address client-side vulnerabilities.
Most of our appliances are running Pulse Connect Secure 8.3R7.1 (pending replacement with PCS 9.1R7 to be built).
Since PCS 8.3R7.1 use different/older PSAL, different/older Pulse Setup Client, different/older Pulse Installer Service, IF I upload the Pulse Desktop Client (PDC) 9.1R7 package "ps-pulse-9.1r7.0-b2525-package.pkg" to those PCS 8.3R7.1 appliances and set that PDC 9.1R7 to be the ACTIVE CLIENT PACKAGE, will it PROPERLY/CORRECT install / upgrade existing older versions of Pulse Desktop Client 5.3R7.1 and 9.0R4 and 9.1R3.1 on my endpoints properly when those older Pulse Desktop Clients connect to those appliances?
The reason is ask is because PCS 8.3R7.1 use different/older PSAL, different/older Pulse Setup Client, different/older Pulse Installer Service.
The Security Advisory said in Question 5, "Question 5: How do I deploy the patched Pulse Secure Desktop clients to my endpoints? Answer: If you intend to deploy a patched Pulse Secure Desktop Client, upload the client bundle to your PCS or PPS gateway, configure it as the active version, and have your end users connect to the gateway. The Pulse Secure Desktop Client will auto-upgrade upon connection.", ---> but since PCS is 8.3 branch and PDC is 9.1 branch are different, I am uncertain whether that will work correctly.
Any advice would be greatly appreciated. Thanks.
We also have a SM360 with PCS 8.3R7.1 and we are pushing PDC 9.1.7 for our users without major issues, most of them upgrading PDC from 8.3.7.
But this is the easy part. The users must also to update JPIS and it is a manual process (or automated with SCCM).
we run PCS 9.0.4, and client 9.1.1 (using the client package to for deployment)
when I tried uploading the 9.1.8 , our Windows 10 clients updated easily, but our Windows7 clients fail to download the application from the SA3000
same with 9.1.7 and 9.1.7r1
which is a shame as those W7 are the ones we need to update , while they're away because of partial lockdown
so even newer versions are not safe on this