#1 Global Leader in Data Resilience

Release Information for Veeam Backup & Replication 12.1 and Updates

KB ID: 4510
Product: Veeam Backup & Replication | 12.1
Published: 2023-12-05
Last Modified: 2024-08-28
mailbox
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please, try again later.

This update has been superseded by Veeam Backup & Replication 12.2.

Requirements

You can check the installed build number in the Veeam Backup & Replication Console's Main Menu () under Help > About.

This article has two download links:

  • Updater — Use this if you are running at least Veeam Backup & Replication 12.1 (build 12.1.0.2131). After updating, the build number will be 12.1.2.172.
  • ISO — Use this if you are running any Veeam Backup & Replication version between 10a (10.0.1.4854) and 12 (12.0.0.1420 P20230718), to upgrade to the latest build of 12.1 (build 12.1.2.172). Remember to always review the Upgrade Checklist as part of your upgrade process.

Release Information

12.1.2.172

2024-05-21

Security

Vulnerabilities

Indicated severity values are CVSS 3.1 scores.

Veeam Backup Enterprise Manager (VBEM)

  • CVE-2024-29849 | Severity: Critical (9.8)
    This vulnerability in VBEM allows an unauthenticated attacker to log in to the VBEM web interface as any user.
  • CVE-2024-29850 | Severity: High (8.8)
    This Vulnerability in VBEM allows account takeover via NTLM relay.
  • CVE-2024-29851 | Severity: High (7.2)
    This vulnerability in VBEM allows a high-privileged user to steal the NTLM hash of the VBEM service account if that service account is anything other than the default Local System account.
  • CVE-2024-29852 | Severity: Low (2.7)
    This vulnerability in VBEM allows high-privileged users to read backup session logs.

Veeam Agent for Windows (VAW)

  • CVE-2024-29853 | Severity: High (7.8)
    This vulnerability in VAW allows for Local Privilege Escalation.
Third-Party Components
  • VMware Virtual Disk Development Kit (VDDK) is no longer directly integrated into the Veeam Transport component and is now only installed for backup infrastructure roles involved in vSphere interaction.
  • VMware Virtual Disk Development Kit (VDDK) was updated to 7.0.3.4 to address CVE-2023-38545.
  • Microsoft .NET 6.0.25 was updated to 6.0.29.
  • Microsoft WebView2 was updated to 123.0.2420.81.
  • PostgreSQL installer was updated to 15.6.1.
  • PuTTY was updated to 0.81.
  • Curl was updated to 8.5.
Hardened Repository
  • Hardened repositories installed on RHEL 8/9 and Rocky 8/9 now support applying DISA STIG profiles.
     

New Features and Enhancements

Platform Support
  • AlmaLinux 9.3 and Rocky 9.3 supported for use as Linux-based backup repositories and backup proxies.
  • Microsoft Azure Stack HCI 23H2 (March 2024 build) support.
  • Microsoft SharePoint Subscription Edition 24 H1 support for application-aware image processing.
General
  • Improved VMware NBD (Network Transport Mode) transport mode performance by up to 2x.
  • Backup Copy jobs now support using other backup copy jobs as a source for VMware, Cloud Director, and Hyper-V workloads.
  • Reduced the performance impact of disk fragmentation on ReFS repositories with Integrity Streams disabled by removing the unneeded low-level file system call.
  • Improved Veeam Backup Enterprise Manager data collection performance.
  • Veeam AI Assistant window now leverages Markdown markup language for prettier output.
  • Windows and Syslog events now contain the backup server’s build number.
  • ZFS Block Cloning technology preview. This preview aims to allow Veeam enthusiasts to test the long-term stability and performance of this new ZFS capability. This functionality is currently not supported for production use (not even under Experimental Support terms) and, therefore, should only be used in test labs. For more information, please refer to this Veeam R&D Forum thread.
Malware Detection
  • Added the ability to exclude specific file paths from suspicious file system activity analysis.
  • Bulk Rename events will now create detailed logs with the list of affected files in the following location: C:\ProgramData\Veeam\Backup\Malware_Detection_Logs\
  • Malware detection-related Windows events and Syslog events now provide additional information such as object names, restore point timestamps, and backup server version.
  • To reduce the number of false positives from the suspicious file system activity analysis engine, the threshold for the minimum number of modified or deleted files has been increased.
  • The sensitivity settings of the proprietary ML malware detection model have been tuned to reduce false positives coming from the inline detection engine.
  • To reduce confusion, the “Ransomware Note” malware detection event has been renamed to “Onion Links.”
  • Onion links are now detected even in files that are 900 bytes or smaller in size, which NTFS stores directly in the MFT partition.
  • Malware detection logs are now archived every week into dedicated zip packages.
Enterprise Applications
  • Added support for network traffic encryption (configured in the Global Network Traffic rules dialog) for all application plug-ins.
  • Veeam Plug-in for Oracle RMAN: multiple Oracle RAC and Oracle Exadata deployment scenario specific enhancements in response to real-world customer feedback.
  • To simplify disaster recovery scenarios, the Db2 plug-in configuration tool now includes a command to get the list of available restore points with timestamps from Veeam Backup & Replication.
  • The Microsoft SQL Server plug-in will now intercept errors during backup and recovery command execution and return these error codes to the SQL Server to ensure that the SQL Agent Jobs does not report false-successful results.
  • Microsoft SQL Server plug-in will now use the latest version of the ODBC driver present in the system in cases when ODBC driver v17 is not present. You can also force the specific version usage through veeam_config.xml.
  • Veeam Plug-in for SAP on Oracle: added support for Oracle Linux 8.
Object Storage
  • Veeam Data Cloud Vault, a fully managed secure cloud object storage by Veeam, is now integrated directly into the user interface.
  • Scale-out backup repositories now support multiple Performance Tier and Capacity Tier extents backed by Smart Object Storage API (SOSAPI) enabled object storage.
  • AWS S3 and IBM Cloud Storage: The default generation period value was increased for AWS S3 and IBM Cloud Storage object storage repositories to minimize the number of API calls and reduce the total storage cost.
  • Added support for the new AWS region: Canada West (Calgary).
  • Lowered CPU consumption on the backup server during the checkpoint removal process.
Primary Storage
  • IBM SVC: Default grainsize and rsize parameter values for creating IBM FlashCopy snapshots were changed to the values recommended by the vendor to improve backup from storage snapshots job performance.
Secondary Storage
  • Dell Data Domain: Added support for DDOS 8.0.
  • Dell Data Domain: The default DDBoost connection cache value was increased, and the cache itself was optimized to reduce the number of active connections significantly; improved backup performance to Scale-Out Backup Repository with a large number of Data Domain extents.
Security & Compliance Analyzer
  • A new backup infrastructure check was added to ensure that the PostgreSQL instance hosting the configuration database has been configured with the recommended settings. These settings can be applied with the Set-VBRPSQLDatabaseServerLimits cmdlet.
  • All service status validations now also check whether the checked services are running instead of only verifying their startup type.
  • Improved the “Host to Proxy traffic encryption” test to cover additional backup proxy deployment scenarios.
Veeam Agents
  • Veeam Agent for Windows 6.1.2.134:
    • Support for Metadata Service Version 2 for AWS machines added to Cloud Native protection groups.
  • Veeam Agent for Linux 6.1.2.1781:
    • AlmaLinux 9.3 & 9.4, RHEL 9.4, Rocky 9.3 & 9.4, and Ubuntu 24.04 Linux distributions support.
    • Support for booting Recovery Media in a PXE environment.
    • Support for Metadata Service Version 2 for AWS machines added to Cloud Native protection groups. 
  • Veeam Agent for Mac 2.1.2.464
    • Added the ability to exclude folders from backup.
    • Objects with the com.apple.metadata:com_apple_backup_excludeItem attribute are now automatically excluded from backup.
  • Veeam Agent for Solaris 4.1.1.1423
    • Added Bare Metal Recovery support for the latest Solaris updates.
       

Resolved issues

General
  • Processing rate values over 1GB/s are displayed as a whole number only. They will now be rounded to one decimal place.
  • High RAM consumption on backup infrastructure components with a large number of CPU cores due to autoscaling the number of buffers according to core count.
  • High RAM consumption by Veeam Catalog Service when processing machines containing more than 10 million files.
  • High RAM consumption during support log bundle export activity.
  • Marking backup as infected was not correctly applied to restore points created by CDP jobs.
  • Restore from configuration backup fails when the File to Tape catalog contains over 1 billion records.
  • Security & Compliance Analyzer treats Windows Firewall settings applied with a Group Policies Object (GPO) as not implemented best practice.
  • Attempting to revoke a capacity-based license fails with the following error:
    This type of CollectionView does not support changes to its SourceCollection from a thread different from the Dispatcher thread.
VMware vSphere
  • The maximum number of allowed simultaneous NFC connections has been reduced slightly to avoid jobs failing with “VDDK error 16000” in highly loaded vSphere environments.
  • High RAM consumption on Linux backup proxies during backup from storage snapshots.
  • Instant Recovery to VMware from a Nutanix AHV backup containing Ubuntu VM with LVMs disks fails to start the restored VM.
  • The CDP failover wizard does not highlight intervals where malware activity was detected.
Microsoft Hyper-V
  • Hyper-V CBT rescan generates unnecessary warnings for standalone SMB3 servers.
  • Guest processing via PowerShell Direct fails when PowerShell 2.0 is uninstalled from the Hyper-V host and replaced with a newer version.
Cloud Director
  • Self-Service Backup Portal: Job templates do not propagate 8MB block size selection to provisioned backup jobs.
  • Veeam Plug-in for VMware Cloud Director: Plugin encounters a failure when interacting with the latest versions of Cloud Director (10.4.1 and higher) when deployed in a multisite environment.
Agent Management
  • The managed by backup server jobs report displays incorrect backup size.
  • Agent backup jobs to S3-compatible object storage repositories start failing on the configuration import step if the object storage certificate changes.
Unstructured Data Backup
  • Backup I/O Control does not correctly apply the specified throttling settings in certain scenarios.
  • Backup of open files hosted Windows Servers with the following error:
    Unable to backup \\?\. Unexpected content stream size.
    
  • Deleting one of the file shares from a source backup results in the associated Backup Copy jobs moving existing backups to the Orphaned node.
  • Backup Copy jobs attempt to copy incomplete restore points that are still being processed by a source backup job.
  • Each health check task deploys a separate Helper Appliance, potentially resulting in a very large number of appliances created.
  • Restoring an object storage bucket to its original location fails if the bucket has been removed from the source infrastructure.
  • The max concurrent tasks prompt now bases its suggestion on both the RAM and CPU count of the backup proxy server, as opposed to core count only.
Backup Copy
  • Backup Copy jobs may fail to process VM templates with the error:
    Cannot find the source backup for the object
    
SureBackup
  • Some temporary files may erroneously remain in the virtual lab host’s datastores after SureBackup jobs are completed.
  • Adjusted maximum allowed boot time setting in Hyper-V-based Virtual Labs for agent-based backups of Domain Controller.
  • Advanced script settings are not applied to agent-based backup.
Tape
  • The presence of agent-based backups with transaction log backups made the Backup to Tape jobs with the backup repository as scope fail with the following error:
    Sequence contains no matching element.
    
  • Conflict with the source backup job resource locks may lead to successful tape jobs incorrectly marked as “Failed”.
  • Querying the tape partition information fails for LTO3 and LTO4 tapes.
  • Erasing tapes with an unknown block size is not possible.
  • ANSI-encoded files could not be restored from File to Tape backup made from machines with the Japanese locale.
Primary storage
  • Cisco Hyperflex: Storage rescan task and backup from storage snapshot fails on ESXi versions prior to 7.0.3.
  • IBM FlashSystem: an empty volume group is left on the storage if a network problem occurs while a snapshot clone is being deleted.
Object storage
  • The health check process erroneously attempts to verify restore points that have been offloaded to the Archive Tier.
  • The checkpoint removal process may fail to resume loading Meta/Blocks/Checkpoints/metastore with the following error:
    S3 error: The specified version does not exist
    
  • If the S3-compatible object storage fails to delete the temporary backup metadata, the subsequent  checkpoint repair processes fail with the error:
    Item is locked by a running session
    
  • GFS checkpoint creation failure, followed by an unsuccessful repair attempt, causes backup jobs to fail with an access denied error.
  • The Network.RetrieveSSLCertificate command does not timeout during the certificate revocation list check and, as a result, may hang indefinitely.
  • Under certain circumstances, agents backing up directly to an object storage repository may hang on executing the Cloud.ReleaseLock command.
  • Linux-based gateway servers may hang on the execution of the Cloud.CreateCheckpoint command against long and encrypted backup chains.
  • Under rare circumstances, backup jobs pointed to an object storage repository may fail with the error:
    add_certificate_authority: cert already in the hash table
    
  • The immutability update process appears to hang with no activity when processing long backup chains.
Scale-out Backup Repository
  • The Capacity Tier Move policy incorrectly starts offloading full backup as soon as the corresponding restore point falls out of the operational restore window, thus affecting the restore performance of dependent incremental points that remain within the operation restore window and on Performance Tier.
  • Removing an Archive Tier extent from a scale-out backup repository fails with the following error:
    Stored procedure execution failed
    
  • Backups exported from the Archive Tier are downloaded to the Performance Tier, instead of remaining in object storage.
  • Backups downloaded from Capacity Tier to a Performance Tier extent backed by a Linux, Dell Data Domain, or HPE StoreOnce backup repository does not utilize Fast Clone or Virtual Synthetic Full functionality.
  • Backups created with a variable block size setting cannot be downloaded from a Capacity Tier to a Performance Tier extent backed by an HPE StoreOnce repository with a fixed block size setting enabled.
Veeam Cloud Connect
  • The Get-VBRFailoverPlan and Get-VBRReplica cmdlets return empty sessions.
  • Deleting a backup manually fails with the following error:
    Storage with id not found.
    
  • Cloud gateway servers with more than two IP addresses configured may become unresponsive.
  • Tenant backup quota’s usage is recalculated incorrectly after an agent-based backup chain transformation.
  • Tenant Backup copy erroneously merges incomplete restore points instead of discarding them.

12.1.1.56

2024-01-17

Enhancements

General

  • PuTTy has been updated to version 0.80.

Malware Detection

  • Malware detection based on file system activity analysis now creates a dedicated log file for each bulk file modification event to help you identify which files were removed or renamed. 
  • The location of the corresponding log file is now displayed directly in the session logs and the event details.
  • Added the ability to quickly and conveniently exclude all extensions that caused false-positive malware detection events from future monitoring directly from the event properties dialog.

    Note:
    Customers are advised to exclude extensions from monitoring only after verifying that a legitimate line of business application is producing the corresponding files.
  • The monitored malware extensions management dialog was updated with an inline search capability that looks up the extension to ensure the correct syntax is used when excluding extensions from monitoring.

Backup Infrastructure

  • Hardened repository servers and other managed Linux servers that were initially registered by leveraging single-use credentials no longer require enabling SSH Server and providing SSH credentials to perform Veeam components upgrade.

Resolved Issues

General

  • Storage-level corruption guard email reports ignore the status-based event filter in the Global Email notification settings.
  • Scan Backup does not leverage system locale settings and instead always displays the restore point date in the dd/mm/yyyy format.
  • A rare condition of high CPU usage by the CatalogDataService.
  • For configuration databases migrated from Microsoft SQL to PostgreSQL, job reports fail to open with the error:
    invalid XML content
    

Backup

  • Disk blocks backing the swap file (pagefile.sys) are not excluded from backup when the corresponding option is enabled.
  • Backup jobs fail to process VMs from two or more datastores backed by IBM SVC or derivative storage with FlashCopy snapshots enabled.

CDP

  • In rare circumstances, CDP policies may experience a data loss.

Cloud Director

SureBackup

  • SureBackup jobs are prevented from starting by a Transaction Log Backup Job, causing them to fail with the error:
    Cannot start Surebackup job to the latest restore point as some linked jobs are still running
    
  • SureBackup jobs using Hyper-V-based virtual labs fail to process agent backups, displaying the error:
    Exception of type 'System.ArgumentOutOfRangeException' was thrown
    
  • SureBackup jobs fail to start for certain machines, causing the error:
    The virtual machine cannot be powered on because the number of virtual CPUs is not a multiple of the number of cores per socket configured in the virtual machine
    

Object Storage

  • Creating an object storage repository using Azure Storage with an Entra ID using a certificate for credentials fails with the error:
    Failed to initialize Azure token requester client with certificate credentials
    
  • Offloading backups to an object storage repository backed by IBM Cloud fails with the error:
    Unable to find the specified file
    

Tape

  • After upgrading to Veeam Backup & Replication 12.1, File-to-Tape job with no inclusion file mask specified process no data, whereas such configuration was previously treated as an implicit *.* inclusion mask.
  • A Tape Job attempting to re-use a tape media that has been recently marked as available to use due to expired media pool retention may fail with the following error:
    The range specified in the FOR loop cannot have a NULL value
    

Setup

  • NDMP tape jobs are erroneously included in the warning about File-to-Tape jobs requiring a license.
  • Upgrading to version 12.1 from 11a fails if a File-to-Tape or NAS Backup job contains a folder with an apostrophe ( ' ) symbol in its name.

12.1.0.2131

2023-12-05

Release Information

Download Information

The installed build number can be found in the Veeam Backup & Replication Console's Main Menu (≡) under Help > About.
This update has been superseded by Veeam Backup & Replication 12.2.

Update Existing Veeam Backup & Replication 12.1 Deployments

Use the following Update Installer to update existing Veeam Backup & Replication 12.1 deployments to the latest build.
Note: The update installer will update Veeam Backup Enterprise Manager (VBEM) if it is detected as being installed.

This update installer may also be used to update standalone deployments of Veeam Backup Enterprise Manager and Veeam Backup & Replication Console.

DOWNLOAD LATEST 12.1 Update

Filename: VeeamBackup&Replication_12.1.2.172_20240516.zip
Size: 2.78 GiB
MD5: E0DE116C5D91F5AF86B80117EBD4D1FC
SHA1: 54A87839797C14B4356A4CC7F46D3ABD8CCFEB39
 
Note: Before initiating the update, please ensure that there is at least twice the size of the patch (excluding the size of the patch itself) available on disk. During the installation of the cumulative patch, the contents of the patch file are decompressed to a temporary folder. Additionally, as a precautionary measure to facilitate a seamless rollback in case of a failed installation, each original file that would be replaced is copied to a temporary location.

This update has been superseded by Veeam Backup & Replication 12.2.

Upgrading to 12.1 From Previous Versions

Use the following ISO for:

  • New deployments of Veeam Backup & Replication 12.1.
  • Upgrading existing deployments of Veeam Backup & Replication (10a, 11, 11a, or 12) to 12.1.

Remember to always review the Upgrade Checklist as part of your upgrade process.

Reboot May Be Required

Please note that a reboot may be required after installing the update. 

Please plan accordingly.

ISO Release History

Previously released files are not publicly available for download. Mouse-over or tap the filenames in the table to view a file's MD5 and SHA1 checksum.
Release Date ISO Filename Changelog
Veeam Backup & Replication 12.1.2.172 Releases
2024-05-21 VeeamBackup&Replication_12.1.2.172_20240515.isoMD5: A12C0F6EE2FAEB735C6D15D8832F915A
SHA1: 3E9E11CB8879DDEB4558CA8DE702F7E821A2C25E
Initial Release
Veeam Backup & Replication 12.1.1.56 Releases
2024-02-29 VeeamBackup&Replication_12.1.1.56_20240220.isoMD5: 958B10FC6590D9838AAE1A257CB8C06E
SHA1: 703EC0E771D9DA46313CFDE25A417D47CF74D681
PostgreSQL redistributable updated to version 15.6.
2024-02-01 VeeamBackup&Replication_12.1.1.56_20240127.isoMD5: 4E6D1ED3B90EE971D4819919D48469AE
SHA1: E5569C7FC592850265416C3B539F7542FB00D2F6
Patched upgrade process to remove the requirement of opening port 6160 for hardened repository upgrade.
2024-01-19 VeeamBackup&Replication_12.1.1.56_20240116.isoMD5: D72A06C98AC80FCD2A6F53E6C032DEF7
SHA1: C0E21C51FA63B7C30009886226240D7E194C72F5

Initial Release

.NET Desktop Runtime redistributable was updated to 6.0.25

Veeam Backup & Replication 12.1.0.2131 Releases
2023-12-06 VeeamBackup&Replication_12.1.0.2131_20231206.isoMD5: 5929283A81A80AFCFA2E5ABE31B1381C
SHA1: 3699D89FD4DA46F435BF11B83A515AA8B1A6E1EF

Patched upgrade script.

2023-12-05 VeeamBackup&Replication_12.1.0.2131_20231205.isoMD5: FE6A13F4E30D64D230B07E94A52585EE
SHA1: 8721A99055CFBEB0523DD89C12A34F7555A1D463

Added Microsoft Azure Plug-in version 12.6.0.1009.

2023-12-05 VeeamBackup&Replication_12.1.0.2131_20231129.isoMD5: 010771DE326F062A24AF828EB656C89F
SHA1: CAF207E553ACD72836A3EB837F0135D90930645E
Initial Release
Swipe to show more of the table

Updater EXE Release History

Previously released files are not publicly available for download. Mouse-over or tap the filenames in the table to view a file's MD5 and SHA1 checksum.
Release Date Updater EXE Filename Changelog
Veeam Backup & Replication 12.1.2.172 Releases
2024-05-21 VeeamBackup&Replication_12.1.2.172_20240515.exeMD5: 74D23C8693712454F4C193099FFC2920
SHA1: A33EC5E81EEE083D1268B368AD2E743D5E0561EF
Initial Release
Veeam Backup & Replication 12.1.1.56 Releases
2024-01-31 VeeamBackup&Replication_12.1.1.56_20240127.exeMD5: 29071117FF7E3EFFCD0A7CAAADBAB54E
SHA1: 69B289562BCF143CBA275FBC01780389D470DE03
Patched the upgrade process to remove the requirement of opening port 6160 for hardened repository upgrade.
2024-01-29 VeeamBackup&Replication_12.1.1.56_20240125.exeMD5: 26647D4F02DC47F02E809BC42C668D30
SHA1: 97182FFB7BF99642074CD8AFFBB3EC69107445D7
Patched upgrade script to preserve the value of the Update license automatically setting and to address an issue with the Enterprise Manager upgrade.
2024-01-19 VeeamBackup&Replication_12.1.1.56.exeMD5: B5CC3C9A8CD6067888D0C9CCC2FB30A4
SHA1: 134EB4067FF1E9288B5BBCC9353A7495D36EC6B1

Initial Release

.NET Desktop Runtime redistributable was updated to 6.0.25

Swipe to show more of the table
To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please, try again later.

You have selected too large block!

Please try select less.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case

By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please, try again later.