🐞 Bug Fix

Clipboard permission settings not applied when using ISL Light Desk

An issue was identified where users could perform copy and paste actions in a session when connected from ISL Light Desk to ISL Light Client, even though clipboard sharing was disabled on ISL Conference Proxy. When connected from ISL Light to ISL Light Client, the clipboard was correctly disabled.

The clipboard handling mechanism has been redesigned, and the issue is no longer reproducible.

🚀 New Features

Update ISSC encoder/decoder logs

The format of issc_decoder logs (located in the ISL Light log) has been updated to include the ID of the stream producing each log line.

Detect crash when QML objects are manually deleted

ISL Light now detects and prevents possible crashes in QML code when an object is manually destroyed.

🐞 Bug Fixes

Fix installation issue on macOS

ISL Light failed to install on macOS if it was the first installation of the application. The issue was that the installer had a check expecting the /etc/islonline folder to exist, but this folder is created later in the installation process. The check is now ignored, and installation works correctly.

Improve monitor handling on macOS and Linux

Users could experience a crash of the ISL Light Client on macOS or Linux when using multiple monitors, especially if some were connected but not in use. When the operator selected a specific monitor, ISL Light Client did not correctly enumerate the monitors and selected a region that did not exist, leading to a crash. Monitor switching is now handled by ISSC, which prevents crashes when the operator switches between monitors.

Fix crashes when using virtual background

Users experienced an issue where ISL Light crashed sometimes when users enabled Virtual background because of GPU acceleration. Functionality was redesigned, a toggle button to enable or disabled GPU acceleration was added and the issue is no longer reproducible.

Remove invalid characters from QML

Users could see QML errors in the log due to invalid characters being detected. The invalid characters were replaced with the appropriate ones from the ASCII table, and these errors should no longer appear in the ISL Light log.

Fix a crash when scrolling through computers

In some cases, ISL Light crashed while scrolling through the list of computers during an active connection. QML destruction handling was redesigned, and the application should no longer crash.

🚀 New Features

Upgrade Go to 1.24.8

Go has been upgraded to 1.24.8 (released 2025-10-07), bringing important security fixes to core packages including archive/tar, crypto/tls, crypto/x509, encoding/asn1, encoding/pem, net/http, net/mail, net/textproto and net/url. The update also includes bug fixes for the compiler, linker and libraries such as debug/pe, net/http, os and sync/atomic. This strengthens security and improves runtime stability.

Removal of outdated JavaScript libraries

Unused and outdated JavaScript libraries have been removed from Core and Administration in versions 2400 and 2500. This reduces exposure to known CVEs and simplifies maintenance, resulting in a more secure and efficient codebase.

🐞 Bug Fixes

PostgreSQL – MD5 check freeze fixed

In previous versions, MD5 integrity checks after a database dump or restore could freeze ICP when running on single-core systems. This happened because zero threads were allocated for the check. The process has been redesigned to always use at least one thread, ensuring the check completes as expected.

Upgrade OpenSSL to 3.0.18

Some customers experienced ICP crashes after upgrading to the latest ICP version. The root cause was identified in OpenSSL and resolved by upgrading OpenSSL to version 3.0.18.

🚀 New Features

ISSC desktop streaming

The ISSC desktop plugin was adapted to work correctly with ISL AlwaysOn. The ISSC ZRLE codec was fully rewritten with a simpler and clearer implementation that improves performance of desktop sharing and allows future enhancements. Cursor grabbing with the polling driver was redesigned to properly display text input cursors at high DPI settings.

Region sharing was improved by removing the need for a proxy window. ISSC now uses the window provided by the user, improving the accuracy of region streaming.

Whiteboard handling was updated across all platforms. The whiteboard is now refreshed before showing or hiding, fixing flickering after clearing and restarting. On Windows, native GDI functions are now used, improving drawing performance.

Improved SSL compatibility with SNI

AutoTransport methods (wsstun-direct, https-proxy, etc.) now include SNI (Server Name Indication) in the SSL handshake. This improves compatibility with third-party services such as Cloudflare.

Increase timeout on “watcher” watchdog thread

The watchdog implementation on Windows was updated with:

• updated timeouts
• added log for thread IDs
• added NOX on failed thread create
• removed use of the rand function that uses enter critical section

The time for the unresponsive scheduler check is 2.5 min (previously 2 min). The time for the unresponsive watcher check is now 10 min (previously 2 min). We now also report the WD count that was reached when the watchdog crashed.

Upload only 2% of watchdog crash reports

In the previous version, all ISL AlwaysOn watchdog crashes were uploaded to ISL Conference Proxy, but they did not contain enough useful information. We have limited watchdog crash report uploads to 2% of reported crashes to the ISL Conference Proxy.

ECDH algorithm logging

Log lines now include the ecdh_ctx key, indicating which algorithm was used to establish the shared secret.

Replace islhtml_filter_and_escape with implementation in common code

Per-product specific text escaping functionality was moved to a unified implementation of text escaping.

Update Mbedtls to 2.28.10

Internal mbedTLS library was updated to version 2.28.10.

Upgrade to libdatachannel-0.22.6 and libjuice-1.5.9

The libdatachannel and libjuice libraries were updated to the latest versions (libdatachannel-0.22.6 and libjuice-1.5.9).

Upgrade zlib to 1.3.1

The zlib library that is used in the ISL AlwaysOn application was upgraded to version 1.3.1.

🐞 Bug Fixes

Update libjpeg turbo to 3.1.0

In certain cases, desktop streaming stopped working. The operator log showed an issue with JPEG decoding due to incorrect JPEG encoding on the streaming side of the sent screen update, which caused the streaming to stop. libjpeg-turbo was updated to version 3.1.0 and the issue with JPEG decoding was resolved.

Increase delay when injecting keys on Windows

Users experienced an issue when using the “Paste (simulate typing)” feature while in session, as the pasted characters were not the same as they were in the shared clipboard. The functionality was redesigned and the issue is no longer reproducible.

Fix ISL AlwaysOn clean command

The clean and clean_silent commands were not working when uninstalling ISL AlwaysOn. The uninstaller froze and granted connections were not removed. The functionality was redesigned, the commands are now working correctly, and user grants will be removed during uninstall if either of the clean commands is supplied.

Always enable TLS when opening AT MUX channel

In the previous version, some MUX connection channels were not protected by a TLS session. A TLS session is now enabled on all MUX channels.

Black screen status not updating instantly

Users experienced an issue where sometimes the Black screen status was not updated instantly upon enabling or disabling the Black screen in session. The functionality was redesigned and the issue is no longer reproducible.

Key modifier remains set after injecting Unicode characters

In some cases, when operators were controlling the remote macOS computer and typing into the remote computer something that required modifier keys, after typing those modifiers could remain stuck. Handling of modifier keys was redesigned, and the keys are now correctly released after typing.

Fix querying for CPU features gcc

In some cases, the application crashed when checking for CPU features on Linux. Checking for CPU capabilities was redesigned, so the application will no longer crash.

Incorrect version display in executable details

ISL AlwaysOn was previously displaying incorrect version information when viewing the properties of plugin .dll files. The correct version is now shown.

Customized program name overlapped in the about window

In the ISL AlwaysOn about screen, the application name could overlap the logo in cases where customers specified a long name. The about screen was redesigned; the application name is now wrapped, meaning if it is too long, it will display the name in multiple rows.

Default ISL AlwaysOn directory still created when using custom installer defaults

If users had defined a customization for ISL AlwaysOn on Linux and it used a custom installation location, the default installation folder was still created. Handling of the custom installation location was redesigned; the default installation folder is no longer created.

Force screen refresh for Windows machines with no screen attached

Users experienced an issue where the remote computer’s screen did not refresh correctly when there was no screen attached to the computer. The functionality was redesigned and the issue is no longer reproducible.

Increase setup timeout and update check installed

Users experienced an issue where they were unable to enable restart & resume during a session. The issue was in the ISSC Daemon timeout being reached. This timeout was increased and should no longer cause inability to activate restart & resume.

Detect when running Windows Sandbox environment during connect procedure

Users experienced an issue with delays when connecting to ISL AlwaysOn computers in a Windows Sandbox environment. The functionality was redesigned and the issue is no longer reproducible.

Delay daemon init procedure on macOS

The ISSC Daemon init procedure was moved to a later stage because the ISSC daemon was initialized before flags were dumped. This improves the readability of the log and simplifies debugging.

macOS reports wrong architecture

Users experienced an issue where ISL AlwaysOn on Mac M-series computers with arm64 architectures, but running ISL programs with Rosetta, would report the Mac computers as having x86_64 architectures. The functionality was redesigned and the issue is no longer reproducible.

Change dots to underscores for filename on Linux

In previous versions, the filename version was delimited with dots. This caused an issue when the build number was less than 10, as the application opened as a text editor. The dots were replaced with underscores, and the application now always executes correctly.

Switch monitor handling to ISSC

Handling of monitor switching was ported to ISSC, which now prevents the application from crashing when the operator switches between monitors.

Skip monitor detect on virtual machines

In some cases, a “no monitors attached” driver was enabled when connecting to virtual machines. The application now checks if it’s being run on a virtual machine and skips the “no monitors attached” driver if it detects it’s running in a virtual machine.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

🚀 New Features

Update logo – ISL Online powered by PDQ.com

The ISL Light Client application logo has been updated to include the label “powered by PDQ.com”.

Update ISSC encoder/decoder logs

The format of issc_decoder logs (located in the ISL Light log) has been updated.
Each log entry now includes the ID of the stream that generated it, improving traceability and debugging.

🐞 Bug Fixes

Switch monitor handling to issc

Fixed an issue that could cause ISL Light Client to crash on Windows systems with multiple monitors, especially when some monitors were connected but inactive.
The crash occurred when the operator selected a specific monitor, and ISL Light Client incorrectly enumerated available displays, selecting a non-existent region.
Monitor switching is now handled by ISSC, preventing these crashes when switching between monitors.

🚀 New Features

ISSC desktop streaming

The ISSC desktop plugin was adapted to work correctly with ISL Light Client. The ISSC ZRLE codec was fully rewritten with a simpler and clearer implementation that improves performance of desktop sharing and allows future enhancements. Cursor grabbing with the polling driver was redesigned to properly display text input cursors at high DPI settings.

Region sharing was improved by removing the need for a proxy window. ISSC now uses the window provided by the user, improving the accuracy of region streaming.

Whiteboard handling was updated across all platforms. The whiteboard is now refreshed before showing or hiding, fixing flickering after clearing and restarting. On Windows, native GDI functions are now used, improving drawing performance.

Meetings (beta)

A new setting has been added in Settings → Meetings to enable the “Meetings (beta)" tab. Once enabled, the tab appears in the ISL Light dashboard, and new meetings can be created from the “+” dropdown as “New Meeting“.

Note: Operators can host meetings from the ISL Light desktop app or a browser, while customers can join only through a browser (using a direct link or meeting code).

Currently in beta, Meetings are merged with legacy ISL Groop meetings, so the table also lists older sessions.

ISL Light > Meetings (beta) > In Meeting

In Meeting Features:

• Camera and microphone support.
• Screen sharing with stream control.
• Give control to another participant and revoke it when needed.
• Chat panel
• People panel; privileged users can request or mute devices.
• Whiteboard (Pen tool) for drawing on shared screens, toggle or exit with ESC.
• Video backgrounds: none, blur, or image.
• Mini player when sharing screen.
• Mobile browser gesture support: pinch-to-zoom, drag to pan, tap for click, two-finger tap for right-click, and swipe to scroll.

Support has also been added for the --get-code-meeting command line argument, which opens the ISL Meeting create view.

Added support to hide the Meetings tab in ISL Light when ISL Meetings is disabled on ISL Conference Proxy.

Branding Update

The ISL Online logo has been updated to ISL Online powered by PDQ.com.

Upgrade zlib to 1.3.1

The zlib library used in ISL Light was upgraded to version 1.3.1.

Replaced yuv2rgb.neon.S with libyuv

The video plugin now uses libyuv instead of yuv2rgb.neon.S.

Updated SoundTouch library

The audio plugin now uses SoundTouch v2.4.0.

Replace islhtml_filter_and_escape with implementation in common code

Per product specific text escaping functionality was moved to unified implementation of text escaping.

🐞 Bug Fixes

Computers tab: custom color not applied to mobile icon

When using a customization with a custom color and connecting a mobile device to a remote machine, the phone icon did not fill with the custom color correctly. Applying the custom color to the icon was redesigned and is now displayed correctly.

Hide signup on Server License

Users experienced an issue where “Sign Up Now” was displayed on Server License when no internet connection was available during login. The functionality was redesigned and the issue is no longer reproducible.

Modifier keys stuck after Unicode input

When operators controlled a remote macOS computer and typed characters requiring modifier keys, the modifiers could remain stuck after typing. Handling of modifier keys was redesigned, and keys are now correctly released after typing.

Detect Windows Sandbox environment

Users were unable to enable Administrative Mode and Restart & Resume in sessions connected to machines running Windows Sandbox. Detection was redesigned, and the issue is no longer reproducible.

macOS reports wrong architecture

On Apple M-series Macs with arm64 architecture running ISL programs under Rosetta, ISL Light reported x86_64 instead of arm64. Reporting was redesigned, and the correct architecture is now shown.

File metadata corrections

Some DLLs, executables, installer/uninstaller files, and application details (copyright and version) displayed incorrect information in file properties. All version and copyright information is now correct.

Black screen status not updating instantly

In some cases, Black screen status was not updated instantly when enabling or disabling it in session. The functionality was redesigned and the issue is no longer reproducible.

Increase delay when injecting keys on Windows

When using the “Paste (simulate typing)” feature, injected keystrokes could fail due to timing issues. Delay handling was redesigned, and the issue is no longer reproducible.

Skip monitor detection on virtual machines

In some cases, the “no monitors attached” driver was enabled when connecting to virtual machines. The application now detects virtual machines and skips loading this driver.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

🚀 New Features

Meetings (beta)

Meetings (beta) has been introduced with a new interface and core collaboration features. It is available in the web portal sidebar under “Meetings”.

Currently in beta, Meetings are merged with the legacy ISL Groop meetings, and the dropdown item “New Meeting (beta)” represents the new version. New meetings can run directly in the browser and, with upcoming releases, will also be available in the ISL Light desktop application as the “Meeting (beta)” tab in dashboards.

Web Portal > Meetings (side navigation) > In Meeting

Key updates include:

• Camera and microphone support: join with either or both, manage devices from the People sidebar.
• Screen sharing with stream control: give or revoke control while sharing, viewers can request or cancel control.
• Give control: hand over keyboard and mouse control to another participant, then take it back when needed.
• Chat: exchange text messages.
• People panel: manage participants, privileged users can request or mute camera and microphone.
• Whiteboard (Pen tool): draw on the shared screen, available to all participants, toggle on/off or exit with ESC.
• Video background: choose none, blur, or image for video background when creating or joining a meeting.

On mobile, ISL Meeting supports gestures such as pinch-to-zoom, drag to pan, single tap for click, two-finger tap for right-click, and swipe to scroll.

Meeting history is now stored in /conf, showing details like creator, timestamps, duration, participants, and session information.

PostgreSQL improvements

Database upgrade procedures have been improved for reliability, visibility, and performance.

Key updates include:

• Data verification during upgrade: restored data is now checked using MD5 hash comparison of table rows (with partial checks for large tables), instead of only comparing row counts. Estimated upgrade time now includes hash verification.
• Progress logs: detailed logs added for dump/restore and verification steps.
• GRID awareness: /conf now shows pending PostgreSQL upgrades for all servers in the GRID. Each server reports available upgrades to others.
• Log preservation: old PostgreSQL log files are kept during upgrades and renamed with an old- prefix.
• Version visibility: installed PostgreSQL version is displayed in /conf (Activity monitor → Servers).
• Cleanup on failure: temporary folders from failed upgrades are automatically removed on server startup.
• Asynchronous estimation: space and time estimation for upgrades is now performed asynchronously, so ICP startup is no longer blocked on large databases. Until estimation is complete, /conf shows “Preparing upgrade” and the upgrade option is disabled.

gjrpc2grid & SSO Cache Management

Expired Core Login SAML identity provider certificates are now properly removed from cache when new certificates are acquired. Updating SAML IdP metadata triggers a GRID message that flushes outdated cache entries across all Core Login servers.

For SSO identity providers with rollover certificates, multiple certificates from the same metadata are now grouped under a “meta-group” tag in the /conf certificates panel. Expiry checks are based on an optimistic validity interval, assuming no gaps between certificates and using the maximum validity for evaluation.

User and Domain Deletion Checks

Server administration now verifies ownership of computers and groups before allowing a user or domain to be deleted. A new “Required actions” step lists all associated computer groups or connections that must be reassigned or removed. Deletion can only proceed once these actions are completed. If no ownership is detected, related data is displayed and the deletion continues as before.

SSO SAML Service Provider ECDSA Key Support

The SAML service provider configuration now supports PKCS8-encoded ECDSA keys for the “SAML service provider PEM key file” setting (/conf → Security → Other). Authentication request signing methods have also been extended to include ECDSA-SHA1, ECDSA-SHA256, and ECDSA-SHA512.

Read customization zips on startup

ISL Conference Proxy now loads customization packages automatically during startup. Administrators can place one or more .zip files into ICP/customizations/ and restart the server. If a customization with the same name already exists, the existing one is kept and a warning is shown in /conf with a logged alert. Invalid packages, such as those missing a manifest or containing an invalid zip, block startup until removed or corrected. Successful loads are recorded in the debug logs.

DNS CAA and TXT Record Support

ISL Conference Proxy now supports DNS CAA records, which previously caused errors when added to a zone. Handling of DNS TXT records has also been improved. Quoted strings are now processed correctly by removing surrounding quotes and unescaping characters, ensuring only raw values are stored. Unquoted strings continue to be handled as before.

Raise minimal OS requirements for Linux to CentOS 7.4

The minimum supported environment for ISL Conference Proxy is now Linux 3.10.0 with glibc 2.17, equivalent to RHEL/CentOS 7.4.

Copy Web Pages v2400 to v2500

Web pages from version v2400 were copied into v2500, which is now set as the default.

Update logo “powered by PDQ.com”

Updated ISL Online logo to add “powered by PDQ.com” in v2500 main web_template.html. Logo is now saved in SVG format instead of PNG.

Upgrade Go to 1.24.4

Go has been upgraded to version 1.24.4.

Upgrade libxslt to 1.1.43

libxslt has been upgraded to version 1.1.43.

Upgrade libxml2 to 2.13.8

libxml2 has been upgraded to version 2.13.8.

Upgrade OpenSSL to 3.0.17

OpenSSL has been upgraded to version 3.0.17.

Upgrade libjpeg-turbo to 3.0.3

The internal ImageMagick-based toolchain now uses libjpeg-turbo 3.0.3 (previously 1.0.0).

🐞 Bug Fixes

Optimize Active Sessions Page Queries

The /conf → Activity monitor → Sessions page no longer performs multiple database reads for sorting and fetching active sessions. The logic was redesigned to reduce the number of queries.

Fix Time Range Filtering in Safari

Timestamp filters in Administration pages (Add Filter modal) caused errors in Safari, and navigation produced excessive history.replaceState calls. Both issues have been resolved.

Upgrade jQuery-UI in v2400 v2

The Administration module now uses the latest version of jQuery-UI, loaded from core instead of a bundled copy. Required plugins are included in jquery-ui.min.js, and unused code has been removed from Reports.

Set correct Content-Type in Webapi request

Content type in WebAPI2 requests previously defaulted to application/x-www-form-urlencoded, causing decoding issues with some firewalls. Content type in requests is now set to application/json.

Handle Unknown Query Arguments in /start Links

Unregistered arguments in /start links previously caused “application not found” errors. These arguments are now ignored during initialization.

Fix web_login_cmdline Handling in Program Downloads

Program download links with web_login_cmdline=1 were rejected when the user was not authenticated. ICP now safely expands --web-login and continues with authentication in the application.

Ignore Empty Customization Names

Customizations with an empty name were incorrectly applied as defaults in /conf → Customize. These are now ignored and return an empty string.

Include Customization in Deployment Links

Custom deployment links now correctly include the customization name when a user or domain has a default customization set.

🚀 New Features

ISSC desktop streaming

ISL Light Client on Windows now uses the same desktop streaming plugin as the main ISL Light application (ISSC). With this change, some desktop sharing settings were removed as obsolete (Black screen driver install/uninstall driver, Enable console window streaming, Enable code injection while grabbing OpenGL and DirectX application, Manage hardware acceleration settings).

Improve application sharing

Application sharing was improved. The top bar is now redrawn when a shared application is moved, and background window behavior has been aligned with the old plugin, as ISSC no longer provides its own background window.

Removed use of FFMPEG codec

FFMPEG, previously used for certain video codecs, has been removed.

Replaced yuv2rgb.neon.S with libyuv

The video plugin now uses libyuv instead of yuv2rgb.neon.S.

Updated SoundTouch library

The audio plugin now uses SoundTouch v2.4.0.

Upgrade libjpeg turbo to 3.1.1 and add support for rgb565

Upgraded libjpeg turbo to version 3.1.1, with re-added support for rgb565 encoding on systems using 16-bit graphics capture.

🐞 Bug Fixes

Skip monitor detection on virtual machines

In some cases, a no monitors attached driver was enabled when connecting to virtual machines. The application now checks if it is running on a virtual machine and skips the driver accordingly.

Incorrect version display in executable details

ISL Light Client was previously displaying incorrect version information when viewing the properties of plugin .dll files. The correct version is now shown.

🚀 New Features

Autodownload option for Universal Add-on

A new dialog is now shown when ISL Light is launched, offering users the option to download the Universal Add-on. If accepted, users are redirected to the Google Play Store. This add-on is provided instead of the device-specific signed add-on on supported devices.

Additionally, a new button has been added to the settings screen, allowing users to access the same download option manually.

The dialog and button are displayed on all devices, regardless of compatibility.

ISL Light Android > Universal Add-On Dialog / Settings “Install Universal Add-On”

Add SNI support for AutoTransport in permissive SSL mode

The AutoTransport methods wsstun-direct, wsstun-proxy, https-direct, and https-proxy were updated to include Server Name Indication (SNI) during the SSL handshake. This change improves compatibility with third-party load balancers such as Cloudflare, which rely on the hostname being sent as part of the handshake.

Update to mbedTLS 2.28.10

The internal mbedTLS library has been updated to version 2.28.10.

🐞 Bug Fixes

Starting call from Light Desk when app is minimized leads to crash or incorrect UI

Users experienced an issue where ISL Light on Android would crash when they were connected with ISL Light Desk as the operator, minimized the app, and the operator started a call. The functionality was redesigned, and the issue is no longer reproducible.

Crash when app is minimized and mic is remotely enabled from ISL Light Desk

Users experienced a crash in the ISL Light Android application when connected to a session where ISL Light Desk was used as the operator, and the operator enabled the microphone while ISL Light was minimized on the Android device. The functionality was redesigned, and the issue is no longer reproducible.

Always enable TLS when opening AT MUX channel

In previous versions, some MUX connection channels were not protected by a TLS session. TLS is now enabled on all MUX channels.

Change default for scaling – make scaling disabled by default

In previous versions scaling of device screen was always enabled if device exceeded 1024px on either of the sides of the device. This caused lower quality of remote device screen on operator side. Scaling of device screen is now disabled by default.

Disable selector for MediaProjection streaming

In previous versions users were able to select to stream ISL Light application instead of whole screen. The functionality was redesigned, the selector is now disabled, so streaming is always performed on whole screen.

Prefer Universal addon over Samsung Knox

Users experienced an issue where the Universal Addon dialog was not shown before the Samsung Knox dialog on Samsung devices. The functionality was redesigned, Universal Addon is now preferred over Knox on Samsung devices where it is available.

Connection to macOS does not send uppercase letters

Users experienced an issue where uppercase letters were not sent during a connection from an Android device to a macOS device. The functionality was redesigned, and the issue is no longer reproducible.

🚀 New Features

Change screen resolution

The “Change Resolution” feature has been extended to support ISL Light Client for Windows, in addition to the existing support on ISL AlwaysOn and ISL Light Client for macOS and Linux.

This functionality allows you to adjust the screen resolution on the remote computer during a session. You can either match the resolution with your local monitor or manually select a different resolution that better suits your setup. If the remote computer has multiple monitors with varying resolutions, you can configure the resolution for each monitor individually.

In cases where the selected resolution isn’t supported by the remote system, ISL Light will automatically switch to the next closest supported resolution to ensure a smooth experience.

Importantly, once the session ends, all resolution settings and desktop icon positions on the remote computer will revert to their original state, preserving the user’s environment.

ISL Light > Session > Change Screen Resolution Dialog

Download button for unattended access

A download button has been added to the unattended access setup dialog during a session. It provides a more intuitive way to retrieve the ISL AlwaysOn application, which was previously only accessible through a hyperlink.

ISL Light Client > Set Unattended Access Dialog

Smarter reconnect delay on network failures

A delay mechanism has been introduced between failed reconnect attempts when the connection is not fully established. The delay increases progressively from 1 to 30 seconds. A missing stop call on connection failure was also added for improved stability.

New watchdog in ISL Light Client v3

The legacy watchdog has been replaced with the hefa watchdog implementation. A crash test option is now available in the settings for testing the new watchdog functionality.

Improved SSL compatibility with SNI

AutoTransport methods (wsstun-direct, https-proxy, etc.) now include SNI (Server Name Indication) in the SSL handshake. This improves compatibility with third-party services such as Cloudflare.

ECDH algorithm logging

Log lines now include the ecdh_ctx key, indicating which algorithm was used to establish the shared secret.

Updated mbedTLS to 2.28.10

The internal mbedTLS library has been upgraded to version 2.28.10 for improved security and compatibility.

Updated libdatachannel to 0.22.6 and libjuice to 1.5.9

We upgraded libdatachannel to version 0.22.6 and libjuice to version 1.5.9.

🐞 Bug Fixes

Add support for unicode clipboard

In some cases, copying and pasting Unicode characters between operator and client did not work correctly. The clipboard functionality was redesigned, and the issue is no longer reproducible.

Reduced stack usage in administrative mode

An issue causing occasional crashes during elevation to administrative mode has been resolved by optimizing stack consumption.

Fixed ALTGr key translation

Key combinations involving ALTGr (e.g. ALTGr + C, ALTGr + H, ALTGr + I) now translate properly when operator and client use different keyboard layouts.

Detection of Windows Sandbox environment

Users experienced an issue where they were unable to enable Administrative Mode and Restart & Resume in session where they were connected to a machine with Windows Sandbox environment. The functionality was redesigned and the issue is no longer reproducible.

Fixed crash caused by calculate_string_size

Users sometimes experienced a crash of ISL Light Client application caused by calculate_string_size. The functionality was redesigned and the issue is no longer reproducible.

TLS enabled for all MUX channels

All MUX channels now use TLS encryption. In previous versions, some connections were not protected.

Histogram filtering improved

Only histogram entries that begin with an ASCII character are now sent to the server, ensuring cleaner and more relevant data collection.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.