What’s New

Note: This release is available for Cloud License in early adopters countries (Slovenia). Server License updates will follow in the coming weeks.

🚀 New Features

New ISL Light Client now default on Windows

Windows users now receive the redesigned ISL Light Client by default when joining a session. Built on the new unified codebase, the Windows client is now aligned with ISL Light Client on macOS and Linux, as well as with ISL Light.

ISL Light > Session > Desktop menu > Block Remote Input

The refreshed experience introduces a redesigned chat interface, a new topbar with hidden and expanded states, improved access to session controls, and new client-side options. Read more in ISL Light 5.0.2551.64.

Block remote input (total control)

Operators can now fully suppress the remote user’s keyboard and mouse. This is useful when you need uninterrupted control, for example to prevent the user from accidentally clicking or typing while you support.

Block Remote Input is available in the session toolbar under the Desktop dropdown on Windows remote computers. The remote user can press Esc at any time to release the block. It is also released automatically when the session ends. The option is not shown if the remote OS or client version does not support it.

ISL Light > Session > Desktop menu > Block Remote Input

In remote support sessions (ISL Light Client), enabling Block Remote Input requires confirmation from the remote user. In remote access sessions (ISL AlwaysOn), no confirmation is required. You can also enable Block Remote Input at the start of a session in the access password dialog under Connect Options.

ISL Light > Computers > Access Password Dialog > Options > Block Remote Input

Join a session directly from the login screen

The ISL Light login window was redesigned to make joining a session simpler. The new layout shows a Join a Session panel on the left and the operator login form on the right, so a user can enter a session code right when the app opens.

ISL Light > Join / Login Window

The session code field is focused automatically. The Join and Login buttons are only enabled once their respective fields are filled in. After entering a valid code, ISL Light switches to client mode for the duration of the session and returns to the main window when it ends.

The Join a Session panel can be hidden using --on-load "customization?disable_join=true".

Auto-save options for file transfer

A new setting was added that controls what happens when a file transfer completes. Previously, users had to manually save every received file. Three options are now available:

• Show confirmation dialog — prompts the user to save manually (previous behavior)
• Save automatically — saves the file to the default location without any prompt
• Save and open file location — saves the file and opens its containing folder

The preference can be configured in Settings > File Transfer, or directly in the file transfer dialog by checking “Don’t ask me again” before clicking Save or Open Folder. The setting does not apply to File Manager or when sending files to ISL AlwaysOn.

ISL Light > Session > File Transfer Dialog > Don’t ask me again checkbox

Monitor Shortcuts

ISL Light > Settings > Remote Desktop > Monitor Shortcuts

Monitor shortcuts were introduced in previous versions to simplify switching between remote monitors using keyboard shortcuts.

This update improves the existing functionality by adding support for cycling between the first and last monitor, continuing monitor navigation while viewing all monitors, and using monitor shortcuts even when the keyboard is not captured.

Additional improvements were also made for exploded monitor layouts and overall shortcut handling.

macOS permission prompt for Restart and Resume

When an operator enables Restart and Resume in a remote support session on macOS, ISL Light now triggers a TCC (Transparency, Consent and Control) permission prompt for the ISL Light Streaming component. This ensures the remote user is properly asked to grant screen recording permission, which is required for Restart and Resume to continue working across logout and fast user switching.

Show/hide toggle for password fields

A show/hide password icon was added to the password field on the Login page and the Access password dialog when connecting from the Computers tab. Clicking the icon toggles visibility, making it easier to verify what was typed without having to retype.

ISL Light > Computers > Access Password Dialog > Show/Hide Toggle for Password

My account submenu

A new My Account submenu was added to the dashboard dropdown, with direct links to Administration, License Usage, Reports, My Profile, and Security pages. On servers that support session-pass, clicking a link takes the user directly to the requested page without a separate login.

ISL Light > Dashboard > Menu > My Account (Web) > Administration/Usage/Reports/Profile/Security

Individual links can be hidden via customization flags: disable_administration_link, disable_usage_link, disable_reports_link, disable_account_link, disable_security_link.

The entire submenu is hidden when customization?disable_web=true is set or when the server does not provide the corresponding product page list.

Integration mode customization

A new integration mode customization was added for deployments where ISL Light is embedded in a third-party platform. When started with --on-load "customization?integration_mode=true", the standard login form is replaced with a dedicated integration screen, so end users are not presented with a login dialog on launch.

Sessions started from the web continue to bypass integration mode and behave normally.

ISL Light > Login Window > Integration mode customization

Taskbar icon blinks on new chat message

When ISL Light is minimized or inactive and a new chat message arrives, the taskbar icon now blinks until the window is opened. This applies both to the joining user in client mode and to the operator, so chat messages are no longer missed when ISL Light is in the background.

Customization: minimize ISL Light on start

ISL Light and ISL Light Client can now be configured to automatically minimize the window when a session starts. This is useful in integration scenarios where ISL Light should run in the background without occupying screen space on the joining side.

The behavior is controlled via --on-connect "main?minimize=true". An equivalent --on-load "customization?iconize=true" option is also available for backward compatibility. Both options can be found as read-only settings in General Settings > Session.

Customization: hide Settings button in ISL Light Client window

A new customization option hides the Settings button in the client-side ISL Light window during a session. Use --on-load "customization?disable_client_settings=true" to prevent end users from changing client settings.

Customization: hide Whiteboard tools or Change screen resolution

Whiteboard Tools and Change Screen Resolution can now be individually disabled in a session. Both are available as read-only settings under Customization Settings > Session.

• Hide whiteboard tools: --on-load "customization?hide_whiteboard_tools=true"
• Hide change screen resolution: --on-load "customization?hide_change_resolution=true"
• Hide both: --on-load "customization?hide_whiteboard_tools=true&hide_change_resolution=true"

When whiteboard tools are hidden, the automatic marker tool is also suppressed when the client revokes remote control, so the operator cannot draw without having control.

Help page links migrated to HTTPS

All internal help and sign-up page links in ISL Light and ISL AlwaysOn have been updated from http:// to https://. Users clicking help links inside the application are now always directed to the secure version of the page.

Customization domain and integrator key enforcement

ISL Light now sends the active customization name to the server during the connection handshake. If the server determines the customization is not authorized for the user’s domain or integrator key, the session is blocked with the message: “The provided customization is not authorized to be used in this session.” When the server does not enforce this check, behavior is unchanged.

Improved whiteboard tool state consistency

Whiteboard tool state in session is now driven directly by the ISSC, removing a gap where the front end was managing state independently. This makes whiteboard behavior more consistent and predictable across session state changes.

🐞 Bug Fix

Fix for gray screen caused by QT_QUICK_BACKEND=software on Windows

If QT_QUICK_BACKEND was globally set to software on a Windows machine, ISL Light rendered text incorrectly and the remote streaming view appeared as a gray screen. ISL Light now forces QT_QUICK_BACKEND and QMLSCENE_DEVICE to rhi at startup, overriding any conflicting system environment. The override can be skipped by setting ISL_QT_QUICK_BACKEND_SKIP.

Black screen issue on Windows 11

An issue was fixed where Windows 11 Aero Peek could temporarily reveal the remote screen while black screen mode was enabled.

This happened when hovering over application preview windows in the Windows taskbar. ISL Light now disables the Windows “Enable Peek” option while black screen mode is active to prevent the remote screen from being exposed.

Session started even when SOS dialog was cancelled

Accepting or cancelling the SOS dialog before starting a session had the same effect, the session was created in both cases. Cancelling the dialog now correctly aborts session creation.

Topbar not visible on Linux when client shares their screen

The topbar was not displayed on Linux during a screen sharing session. The topbar component now correctly sets its minimum width and height when its dimensions change.

Toolbar icons cut off when moving session window between monitors with different DPI

When the session window was dragged between monitors with different DPI scaling, toolbar icons and icons in computer and session lists appeared cut off or visually mangled. Icon components now adapt to DPI changes correctly. A 1px rounding difference may still occur on uneven DPI values such as 125%.

Keyboard shortcuts required two key presses to activate

Shortcuts had to be pressed twice because both the menu item and its associated action registered the same key sequence, causing the first press to be treated as ambiguous. Shortcut handling was reworked so only one component registers each shortcut.

Join a Session launched client inside the same ISL Light process

When an operator selected Join a Session from the dropdown, the client was started inside the current process instead of a new one. This caused conflicts, including issues with Restart and Resume when two sessions were active. The client is now always launched as a separate process.

No confirmation shown before revoking remote control

Clicking Revoke Control in the client topbar or chat window revoked control immediately, so a misclick could cause the operator to accidentally lose remote control. A confirmation dialog is now shown before control is revoked.

Change resolution dropdown showed incorrect values after applying a change

After changing the remote screen resolution, the dropdown did not refresh to show the updated values. The modal window was closing before the resolution change callback completed, corrupting the state. The window close now waits for confirmation before proceeding.

Dragging a computer with non-default columns active caused broken UI

In the Computers tab, enabling additional non-default columns and then dragging a computer item caused the drag visual to render incorrectly. All columns except Alias are now hidden during a drag operation.

Monitors dropdown visible in toolbar when it should not be

The Monitors item in the session toolbar dropdown was shown even when fewer than four monitors were connected. The visibility condition was corrected so the dropdown only appears when more than three monitors are in use.

Toolbar entered inconsistent state when control was granted mid-session

If a session started without remote control granted and the operator manually selected a marker tool, the toolbar became inconsistent when control was later granted. The toolbar state is now forced into a consistent state whenever control transitions during an active session.

Spurious error messages on terminal exit on Linux

When ISL Light Client was started from a terminal on Linux and closed normally, the terminal showed error messages even though no real error had occurred. The errno value was not being reset correctly after a handled event.

Move Topbar drag area not locatable by accessibility tools

The draggable area of the session topbar could not be found or interacted with by accessibility tools. An accessibility name “Move Topbar” was added to the drag areas in the Sharing Screen topbar and the hidden viewer toolbar.

Extra separator line in toolbar when hide_recording=true

When ISL Light was started with customization?hide_recording=true, an extra line separator remained visible in the session toolbar dropdown where the Start Recording button had been. The separator visibility is now tied to the visibility of the Start Recording button.

String substitution in start options not working

String substitution for ISL AlwaysOn start options did not work correctly. The functionality was redesigned and the issue is resolved.

Note: This release is available for Cloud License in early adopters countries (Slovenia). Server License updates will follow in the coming weeks.

🚀 New Features

Session end event added for full lifecycle tracking

Session history now records the full lifecycle of each unattended session. Four new events are written to sessions.xml: session_start, session_connected, session_reconnect, and session_end. The Overview window uses these to accurately report the state and timeline of each session. Existing history entries remain readable.

Richer context forwarded when granting computer access

When granting access, ISL AlwaysOn now collects and forwards additional invocation context to the server. This includes the Windows session ID, sanitized command-line, and startup_info.txt written by the launcher. The data is included in the grant request, making it possible to trace how the granting client was originally delivered and launched. This improves visibility for support and deployment teams when diagnosing installation and access issues.

Help page links migrated to HTTPS

All internal help and sign-up page links in ISL Light and ISL AlwaysOn have been updated from http:// to https://. Users clicking help links inside the application are now always directed to the secure version of the page.

🐞 Bug Fixes

Uptime reported incorrectly for machines running more than 48 days

The uptime counter overflowed for machines with an uptime longer than approximately 48 days, causing System Info to display an incorrect value. The calculation was switched to a 64-bit counter.

Remote user mouse clicks still registered when Block Remote Input was active

When Block Remote Input was enabled on a Windows remote computer, the remote user could still perform left and right mouse clicks. Input blocking logic was corrected so all local input from the remote user is suppressed as expected.

Note: This release is available for Cloud License in all countries except Japan. Server License updates will follow in the coming weeks.

🐞 Bug Fix

Monitor selection does not work if Admin mode is activated when single monitor is selected

Operators connecting to a Windows user via code were unable to switch remote monitors if Administrative Mode was enabled while a specific monitor was already selected. The root cause was that the monitor state was not reset during the enabling of Administrative Mode, so when the stream restarted, it remained stuck on the previously selected monitor.

Administrative Mode handling has been redesigned to reset the monitor state on enable, so operators can now freely switch to any remote monitor after Administrative Mode is enabled.

Note: This release is available for Cloud License in all countries except Japan. Server License updates will follow in the coming weeks.

🚀 New Features

Improved scam and fraud detection

Enhanced monitoring and traceability during the computer granting process, providing richer context for fraud detection and abuse prevention.

🐞 Bug Fixes

Incorrect Qt version in log

The Qt version displayed in the aon_service.out file was incorrect and now reflects the actual version used.

The minimum operating system requirements for ISL Light have been updated to Windows 10 (all versions) and macOS 14.

Note: ISL Light 5 is built on Qt 6.10, which officially supports Windows 10 1809 and later. ISL Online has extended this to cover all Windows 10 versions.

🚀 New Features

Redesigned session toolbar

The session toolbar has been redesigned with a cleaner layout, labeled buttons, and improved icons for easier navigation during a remote session.

ISL Light > Session > New Toolbar

Key additions and changes:

• Session menu: New dedicated menu centralizing all session-related actions, including the new Edit Session option
• Whiteboard menu: Pen, Arrow, and Eraser tools grouped into a single menu, with auto-clear options (5 and 10 seconds)
• View menu: New dedicated menu for quality, resolution, and display options
• Tools menu: Previously separate Keyboard, Tools, and Settings menus have been merged into a single Tools menu
• Camera/Microphone buttons: Now directly accessible from the toolbar, previously only available inside the chat window
• Hide/Show Toolbar: Now available in windowed mode, not just full screen

For a full overview of all changes and feature relocations, see the ISL Light 5 Toolbar blog post or watch ISL Light Toolbar video.

Redesigned ISL Light Client (macOS, Linux)

The ISL Light Client interface has been redesigned for a more modern and intuitive experience. The following changes apply to ISL Light Client on macOS and Linux, and on Windows when joining via ISL Light (Menu > Join). On Windows, when joining via code or link, the previous ISL Light Client version is still used and these changes are not reflected.

ISL Light Client

Settings menu includes new actions:

• Session Recording: Start or stop recording directly from the client
• Enable/Disable Clipboard: Toggle clipboard sync from the client side
• Topbar Position: Change the position of the topbar on screen

Chat has been updated with a modernized interface. User messages are displayed in darker blue with white text on the right, while incoming messages are lighter gray with dark text on the left. Message bubbles now fit the content width instead of stretching across the full window. When the client window becomes active, the chat input field is automatically focused, allowing the user to start typing instantly.

Topbar (Control Bar) has been completely redesigned with two states: hidden (screen sharing indicator) and expanded (control bar)

Hidden view ( screen sharing indicator)

Shows only a drag area for repositioning the control bar, and a screen sharing indicator. Pressing the indicator expands the control bar.

Expanded view (Control bar)

Control bar provides the following controls:

• Stop Sharing: Stops screen sharing
• Grant/Revoke Control: Grants or revokes operator control
• Whiteboard Marker: Local whiteboard marker tool
• Whiteboard Pointer: Local whiteboard pointer tool
• Chat: Opens the chat window
• Video Call: Starts or toggles video
• Audio Call: Starts or toggles audio
• Open Main Window: Opens the main application window
• Hide: Collapses the topbar back to hidden view
• End Session: Prompts the user to end the session

When a whiteboard tool is active, the control bar displays a hint to exit the local whiteboard by pressing ESC.

Additional computer info columns in dashboard

The computer dashboard now displays additional columns with more information about each computer.

ISL Light > Computers > Additional Computer Info

Columns can be toggled via right-click on the table header or the three-dot menu button in the table header.

• Alias
• Computer Name
• Status (Active, Online, Offline)
• Last Online
• Group (computer group)
• Owner (user or computer group)
• Shares
• Tags
• Platform
• Agent Version (ISL AlwaysOn version)
• IP Address

Extended mouse button support

Remote sessions now capture and transmit additional mouse inputs:

• Back and Forward buttons (thumb buttons)
• Horizontal scroll (tilt wheel)

Session security (e2e)

ISL Light now uses a new schema for securing end-to-end connections. Both endpoints generate a public/private key pair and exchange the public key with the remote side via ISL Conference Proxy as a pre-start message. The certificate used to establish the end-to-end connection is then verified by both endpoints, replacing the previous static client-to-client certificates. EC certificates are used instead of RSA.

A new Session Security dialog has been added, accessible from the active session via the shield icon in the status bar (Security Menu > Session Security). It displays live end-to-end encryption details for the current session.

ISL Light > Session > Session Security (accessible from status bar)

The dialog shows:

• Session Security Status: Optimal, Good, Medium, or Not Connected
• Authentication:
  • full: Both sides supplied valid, verified certificates
  • old: One side supplied a valid, verified certificate
  • none: No certificate exchange, or verification failed
• Remote Certificate Supplied:
  • Yes: The remote side provided a certificate
  • No: The remote side did not provide a certificate
• Remote Certificate Verification:
  • Verified: The certificate is verified and trusted
  • Unverified: The certificate failed verification checks
  • Not Available: No certificate or verification was not possible
• Connection Status:
  • Connected (Valid certificate supplied): Remote Certificate Supplied is Yes and Remote Certificate Verification is Verified
  • Connected (Invalid certificate supplied): Remote Certificate Supplied is Yes and Remote Certificate Verification is Unverified
  • Connected (Certificate not supplied): Other conditions do not apply
  • Not Connected: Session status is error
• Cipher: Active cipher used for the session
• Your Certificate Fingerprint
• Remote Certificate Fingerprint

For ISL Light Client V4, the dialog is accessible via Tools > Session Security.

Persistent settings

Session settings have been replaced with general Settings, accessible from the toolbar “Session” dropdown while in session. Changes made during a session are now saved and will apply to future sessions as well.

ISL Light > Session > Settings

Note: Some settings are NOT applied to an already running session and will only take effect in the next session. These settings display the message “This change will not affect sessions that are already running.“

• Session: Pin toolbar in fullscreen, Inactivity time in minutes before session is ended, Duration in seconds of inactivity warning before session is ended
• Desktop Sharing: Optimize resolution based on first local monitor, Leave background while sharing this desktop, Leave desktop effects while sharing this desktop, Lock computer when network connection is lost, Enable clipboard by default when viewing remote desktop
• Black Screen (Curtain Mode): Delay clearing black screen after pressing ESC
• Keyboard: Disable local inputs while sharing this desktop, Pass keyboard combinations unchanged
• System: Stream only non-alpha windows (CAPTUREBLT)

Update session status bar

The session status bar has been updated with new status indicators:

• Security Menu: Now visible in the status bar, provides quick access to Session Security, Session Details, About, and Log
• Clipboard Status: Always visible on the right side, shows whether clipboard sync is enabled or disabled
• Session Recording: Shows an active indicator while recording is in progress

ISL Light > Status Bar

The status bar layout has also been redesigned from a 3-column setup (left, middle, right) to a 2-column layout:

• Left column: Security Menu, Session Time, Direct Connection and Server Connected, User Control
• Right column: Zoom, Session Recording, Streaming Remote Sound, Black Screen (curtain), Clipboard Status, Keyboard Capture (on Windows), Refresh Button

The right column uses a responsive layout. Elements are hidden left-to-right (Zoom → Clipboard Status) as space decreases. If a larger element is hidden and space becomes available, a previously hidden smaller element will be shown again.

Reduced session creation delay and removed confirmation popup

When creating multiple ISL Light sessions, the delay between sessions has been reduced from 5 seconds to 1 second. The confirmation popup that previously appeared when creating a second or subsequent session has been removed.

Switch camera device from chat view

A new button has been added to the chat view in ISL Light Web, allowing users to switch between camera devices during a session without opening settings.

ISL Light streaming agent moved to macOS app bundle

The ISL Light streaming agent has been moved into a proper macOS app bundle (ISL Light Streaming.app), aligning with macOS packaging standards and improving compatibility with macOS security and permission requirements.

Command-line: Auto-close session on desktop stream stop

Two new command-line parameters have been added to ISL Light to automatically close the session when the client stops sharing their desktop or the operator stops viewing the remote desktop:

• --on-connect "desktop?close_after_stop"
• --on-connect "desktop?events=stream_stop_close"

Note: –on-connect “desktop?events=stream_stop_close” is used for backward compatibility with ISL Light Client on Windows.

Command-line: Skip end session confirmation dialog

A new command-line parameter has been added to end the session without showing a confirmation dialog:

--silent

Command-line: Add custom text to window title

A new command-line parameter has been added to append custom text to the ISL Light window title:

--add-title "<text>"

For ISL Light Web Client, the parameter can be passed via URL:

<icp>/users/start/isllight?platform=web&cmdline=--add-title+"<text>"

🐞 Bug Fixes

Clipboard sync active despite control being revoked

In ISL Light Client v4, clipboard content was still being transferred from the client to the operator even after control was revoked on the client side. This only occurred when the operator’s session window was in focus at the time of the copy on the client side, and only in the client to operator direction. The issue has been resolved and clipboard sync is now correctly disabled when control is revoked.

ISL AlwaysOn service not starting after macOS update

After updating macOS to Sequoia on Intel-based Macs, the ISL AlwaysOn service sometimes failed to start automatically due to unreliable daemon installation and configuration updates. The following issues have been resolved:

• Parallel installation of launch daemon and agents is now serialized, preventing race conditions during install and update
• ISL AlwaysOn service updates are now performed in a separate process, preventing conflicts with uninstall or reinstall operations

Application crash on logout after enabling Restart and Resume on macOS

ISL Light crashed when a user joined a session on macOS, enabled Restart and Resume, and then logged out. The issue has been resolved and is no longer reproducible.

Restart and Resume not enabled after daemon reinstall

When enabling Restart and Resume, the daemon was contacted before it had finished starting up, causing Restart and Resume to not be enabled correctly. A retry mechanism has been added to ensure the daemon is available before proceeding.

Application crash when Microsoft WebView2 framework is missing

ISL Light crashed when the Microsoft WebView2 Runtime was not installed on the system. The issue has been resolved and ISL Light no longer crashes when WebView2 is missing.

Application crash when restoring window geometry

ISL Light sometimes crashed when restoring the window position and size, due to an invalid screen reference. The issue has been resolved and is no longer reproducible.

Application crash on session window close

ISL Light sometimes crashed when closing a session window. The issue has been resolved and is no longer reproducible.

File Manager stuck on “Loading” in folders with many files

File Manager was stuck on “Loading” when navigating to a folder containing a large number of files. The issue has been resolved and is no longer reproducible.

Administrative mode incorrect credentials error not displayed

When entering incorrect credentials while enabling Administrative Mode, ISL Light now displays an error dialog informing the user that the administrator username or password is incorrect. Previously, no feedback was shown.

Whiteboard manual clear setting not applied correctly

When setting the whiteboard to clear manually, the setting was not applied correctly and whiteboard markings were cleared inconsistently. The functionality has been redesigned and the issue is no longer reproducible.

Chat clear removes messages from session report

Clearing the chat during a session caused the chat transcript to be blank in the session report. Chat clearing is now a display-only action and does not affect the transcript. Full chat history is always preserved in the session report.

Custom application icon not applied in ISL Light Client v4 on Windows

Custom application icons were not correctly applied to ISL Light Client v4 on Windows. The issue has been resolved.

TAB navigation and focus issues

TAB and SHIFT+TAB navigation did not work correctly in several cases:

• On the login screen after entering incorrect credentials
• In the chat window, where navigation only reached the message input field and send button
• Input field focus border remained visible after focus moved to another element

All issues have been resolved and keyboard navigation now works correctly throughout the application.

Menu not accessible during “Connect to Computer” flow

The hamburger menu was not visible when connecting via the “Connect to Computer” flow, making it difficult to access log files when issues occurred. The menu is now accessible during this flow.

Command-line --on-connect "desktop?show&control" not working

The command-line parameter --on-connect "desktop?show&control" did not work correctly in some cases when used in ISL Light. The issue has been resolved and control is now correctly granted when the parameter is used.

Unable to join ISL Meeting from ISL Light Client v4 on Windows

Users were unable to join an ISL Meeting using ISL Light Client v4 on Windows. The issue has been resolved. When a valid meeting session code is entered, the meeting title is shown below the input field.

Additional improvements:

• Joining a meeting via --connect command-line argument is now supported.
• --username, --password, and --web-login arguments now work correctly with --gui-type join_session, allowing users to log in before joining via --connect.

Invalid session token errors in Meetings

Users experienced “Invalid post token” or “Authentication failed” errors when interacting with the Meetings tab, particularly after switching tabs or opening multiple ISL Light instances. The following issues have been resolved:

• Session token was being restored multiple times, causing the previous session to expire
• WebView session was not kept active, causing it to time out
• Opening a second ISL Light instance overrode the session token of the first instance

Remote control clicks interfering with window action bar in Meetings

When joining a meeting from a browser and granting control to the remote user, mouse clicks targeting the minimize, maximize, and close buttons in the window action bar caused ISL Light to force quit. Clicks in that area from remote control are now ignored.

Missing Accessibility Names on Dialogs

Multiple dialogs in ISL Light did not have accessibility names set, causing issues with accessibility features and automated user-flow testing. Accessibility names have been added to all affected dialogs.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

🚀 New Features

Session security (e2e)

ISL AlwaysOn now supports end-to-end encrypted connections using dynamically generated certificates, replacing the previous static client-to-client certificates. Both endpoints generate a public/private key pair and exchange the public key hash with the remote side via ISL Conference Proxy as a pre-start message. The certificate used to establish the end-to-end connection is then verified by both endpoints.

A new Session Security dialog is accessible from the ISL AlwaysOn tray menu, displaying live end-to-end encryption details for the current session.

For more information see ISL Light 5.0.2551.64 What’s New.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

🚀 New Features

Session security (e2e)

ISL Light Client now supports end-to-end encrypted connections using dynamically generated certificates, replacing the previous static client-to-client certificates. Both endpoints generate a public/private key pair and exchange the public key hash with the remote side via ISL Conference Proxy as a pre-start message. The certificate used to establish the end-to-end connection is then verified by both endpoints.

For more information see ISL Light 5.0.2551.64 What’s New.

🐞 Bug Fixes

Chat clear removes messages from session report

Clearing the chat during a session caused the chat transcript to be blank in the session report. Chat clearing is now a display-only action and does not affect the transcript. Full chat history is always preserved in the session report.

Video call request rejection now reported to operator

When a client rejects a video call request in ISL Light Client v3, the operator is now notified that the request was rejected. Previously, no feedback was provided to the operator.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

🚀 New Features

Hardware Security Module compliant Authenticode

Due to changes in CA/Browser Forum code signing baseline requirements, support for HSM-compliant remote Authenticode was added to ISL Conference Proxy. See https://cabforum.org/working-groups/code-signing/requirements/ section 6.2.7 Private key storage on cryptographic module.

Remote Authenticode is enabled when an encrypted Base64 configuration blob is provided either in the license field “Microsoft Authenticode” or “Microsoft Authenticode v2”, or in the setting “Use authenticode packed parameters (BASE64)”.

For most deployments, no additional configuration is required. Environments operating in restricted networks may use an HTTP proxy or controlled network forwarding to allow communication with the remote signing service. Remote signing service is available at https://updates.islonline.com.

New HSM-compliant Authenticode configuration will be available in the new license files. Legacy (non-HSM-compliant) Authenticode configuration present in the old license files will expire after 26 May 2026.

2FA Passkey Support

Support for general Passkeys (platform and cross-platform via USB, Bluetooth, or NFC) as a 2FA method has been added to ICP login.

A new Passkey management dashboard is available at:

Security → 2-Step Verification → Passkey

The dashboard includes the following features:

• Create new passkey
  The passkey registration flow has been redesigned into a modal interface, where the user selects the type of Passkey to create and provides its description.
  Passkeys can now be registered using:
  • Platform authenticators (e.g. Windows Hello, browser password manager extensions, etc.)
  • Cross-platform authenticators (e.g. security keys or mobile devices)
• List passkeys
  A new webapi2 security/login/tfa/passkey/list/1 method is used to list a user’s registered passkeys.
• Edit passkey
  Passkey descriptions can be updated using the existing webapi2 security/login/tfa/u2f/description/update/1 method.
• Set as default 2FA method
  Passkeys can be set as the default 2FA login method using the existing webapi2 security/login/tfa/method/default/set/1 method.
• Remove passkey
  Passkeys can be deleted using the existing webapi2 security/login/tfa/u2f/remove/1 method.
  As before, removing the last passkey is rejected if the user does not have an alternative 2FA login method configured. In this case, the user is prompted to disable 2FA before removing the final passkey.

To ensure compatibility, when a native application does not support Passkeys directly, users can use the “Log in with browser” option to complete 2FA authentication in their browser. This behavior is controlled by the new permission:

/conf → Security → “Allow ‘Log in with browser’ in native applications”

The browser login option is offered only when Passkeys are configured but not supported by the client.

Migrate security key authentication from U2F to WebAuthn

In previous versions, using the legacy U2F authentication standard as a 2FA method could fail in modern browsers due to deprecated U2F support.

Security key authentication has been migrated from the U2F API to the WebAuthn standard, ensuring compatibility with current browsers.

Existing security keys registered using U2F remain supported, and new registrations use WebAuthn when supported by the browser.

Increased password hashing strength with automatic upgrade on login

The default number of islhash1 hashing rounds has been increased from 10,000 to 210,000 to align with modern security recommendations.

In addition, existing user password hashes are now automatically upgraded upon successful login when stronger hashing parameters are available.

If the configured hashing scheme, number of rounds, or salt size exceeds the stored values, the password hash is transparently re-generated using the stronger settings. Password storage strength is only increased and never reduced.

OpenSSL was updated to 3.0.19.

OpenSSL has been upgraded to version 3.0.19.

Upgrade Go to version 1.24.13

Go has been upgraded to version 1.24.13.

Update to libxslt 1.1.45

libxslt has been upgraded to version 1.1.45.

🐞 Bug Fixes

macOS application icons issue

In previous versions, customized macOS application icons were not displayed correctly in Finder, Dock, and macOS permission settings (such as Accessibility and Screen & System Audio Recording).

This occurred because the image tool generated macOS icons only in PNG format, which caused compatibility issues with certain icon sizes.

The image tool has been updated to generate smaller macOS icon sizes in RGB + mask format where required. Customized icons now display correctly across macOS system interfaces.

Miniplayer touch movement issue

In previous versions, moving the miniplayer window using touch input was either not possible or resulted in very jittery movement.

The coordinate handling logic has been redesigned to ensure consistent behavior between mouse and touch input. The miniplayer can now be moved smoothly using touch gestures.

To improve usability on touch devices:

• The context menu is suppressed during drag operations to prevent it from appearing after a long press.
• Default touch gestures (such as page panning) are disabled on the control bar while dragging.

Meeting window remaining open after logout

In previous versions, the (WebView) meeting window inside the ISL Light application could remain open after the user logged out. The window closing logic has been improved, and the meeting window now closes properly on logout without requiring user intervention.

Audio issues when participants join or leave a meeting

In previous versions, users sometimes could not hear audio streams that were already active before they joined the meeting.

This issue was caused by upstream encoding parameters being re-evaluated when participants joined or left the meeting. The upstream behavior has been stabilized, and audio streams should now remain consistent when participants enter or leave the meeting.

Camera and microphone selector stuck in “Enumerating devices” state

In previous versions, the camera and microphone selector on the create meeting page could remain stuck in the “Enumerating devices…” state if media devices were unavailable or access was blocked.

This was caused by an error during device detection that prevented proper error handling. The issue has been resolved, and device selection now behaves correctly.

Spotlight camera stream resizing issue

In previous versions, the spotlight camera stream could be incorrectly resized and appear off screen. This issue has been resolved.

Other fixes and improvements

Bug fixes, security updates, missing translations, and other general improvements.

Minimal operating system requirement on Windows for ISL AlwaysOn application was changed from Windows 10 version 1809 (Build 17763) to initial Windows 10 release version.

🚀 New Features

Windows, macOS, Linux user password authentication for unattended access

Users can now authenticate unattended access using Windows, macOS or Linux user credentials instead of the existing Access Password model.

Note: This is a cloud license configuration change (Hosted Service), not a client-side change introduced in this release and it applies to all ISL AlwaysOn versions.

ISL Light > Computers > Password Dialog

This feature allows customers to simplify authentication and centrally manage unattended access using standard Windows, macOS or Linux accounts, while maintaining security by requiring the device password at connection time. When a session starts, the remote computer is locked and authentication is required on the remote machine.

Windows, macOS or Linux user password authentication is by default disabled and must be enabled per ISL AlwaysOn device, either:

• Manually in ISL AlwaysOn > Settings > Basics > Authentication > Windows User Password, or
• Via registry deployment for mass rollout

ISL AlwaysOn > Settings > Basics > Authentication > Windows User Password

If you do not see this setting under ISL AlwaysOn settings, the AlwaysOn client must reconnect (restart the ISL AlwaysOn service) to apply the change.

Restart the service using the following commands:

net stop isl_always_on
net start isl_always_on

Use URL query parameter instead of cookie for SA GRID ID in HTTP tunnels

HTTP tunnels now use the URL query parameter CPLB=<serverid> instead of the cookie CPLBF=<serverid> when connecting to a single-address GRID.

Affected transports:

• wininet-http
• wininet-https
• httpt-direct
• httpt-proxy

🐞 Bug Fixes

Fix installation issues on older Windows 10 versions (Qt 6.10 compatibility)

In previous versions, installation could fail on Windows 10 version 1803 (Build 17134) and earlier due to Qt 6.10 compatibility issues. The affected functionality has been redesigned, and ISL AlwaysOn can now be installed successfully on all Windows 10 versions.

Replace obsolete wmic.exe usage on Windows 10 version 21H1

In previous versions, wmic.exe was used to gather operating system information. Since wmic.exe is obsolete, incorrect operating system information could be displayed. We have replaced wmic.exe, and the issue is no longer reproducible.

On macOS 26, ISL AlwaysOn uses updated system permissions. Customers upgrading to macOS 26 will need to grant the new permissions for the application to work correctly.

🚀 New Features

Updated ISL AlwaysOn to Qt 6.10.0

ISL AlwaysOn has been updated to use Qt 6.10.0. This brings platform improvements, updated system libraries, and better long term compatibility across Windows, macOS, and Linux.

Support for extended mouse events

ISL AlwaysOn now supports extended mouse input, including:

• Horizontal scrolling
• Mouse Back button
• Mouse Forward button

Please Note: This support is currently implemented on the agent side only. It will become usable once the next ISL Light release adds operator-side support.

Remote state: disable_audio_call / disable_video_call

ISL AlwaysOn now sends the disable_audio_call and disable_video_call state to the operator.
This will allow ISL Light (in an upcoming release) to hide the audio and video call buttons in the session toolbar when connecting to unattended ISL AlwaysOn computers.

Audio and video calls are not supported in ISL AlwaysOn, so this will prevent confusion among operators.

Update logo: ISL Online Powered by PDQ.com

The ISL AlwaysOn installer and application logo now includes “Powered by PDQ”. The About window was also updated to reference Terms of Service.

Minimum OS requirement changes

The minimum supported operating system versions for ISL AlwaysOn have been updated:

• Windows: raised from Windows 7 to Windows 10
• macOS: raised to macOS 14
• Linux: now requires glibc 2.35 or newer

🐞 Bug Fixes

macOS 26 permission issue

Users on macOS 26 experienced an issue where Screen Recording and Accessibility permissions could not be granted, preventing remote control. ISL AlwaysOn now runs its launch agent from inside the .app bundle, which resolves the permission handling problem.

Please Note: Users will need to grant permissions again for the new process.

New root bundle ID: com.islonline.islalwayson.agent

This change only affects macOS 26. Older macOS versions continue using the previous implementation.

macOS installation issue

The macOS installation procedure for ISL AlwaysOn was updated. Application bundles are now installed as non-relocatable. Previously, PackageKit could incorrectly detect existing binaries on disk, which could cause installation failures.

Uninstall was also updated, and the store_product_flags executable is now removed during uninstall.

ISL AlwaysOn service not starting automatically after macOS Sequoia upgrade

The macOS daemon updates (background service) are now serialized. Previously, the daemon could be removed from system settings or during uninstall/install at the same time. Additionally, the log files for the install and uninstall commands were moved to a new log file called aon_update.out.

The ISL AlwaysOn service update is now performed in a separate process. The main issues solved are:

• Parallel installation of launch daemons/agents is now serialized and atomic (ISL AlwaysOn and ISL Light restart/resume)
• Service updates in ISL AlwaysOn are now performed in a separate process

Both were the root cause of unreliable ISL AlwaysOn installations.

macOS boot issues when launch agents fail to start

Some users experienced boot issues on macOS after installing ISL AlwaysOn.

Previously, the ISSC daemon would kill the loginwindow process during startup if the agent was not detected. This workaround was required due to a macOS issue with bootstrapping launch agents, but it was timing-sensitive and not fully reliable.

The installation process was updated so that agents are now installed/uninstalled only after the main service setup is complete. macOS is now responsible for restarting agents and managing their lifetime.

AutoTransport send correct SNI with IP hint

AutoTransport https-direct and wsstun-direct will send correct hostname SNI when using IP hint. httpt-direct and wstun-direct will set correct hostname in Host header instead of IP hint.

Make logfile changes atomic

Some users saw unexpected files starting with @ in the installation directory. This was caused by non-atomic log file updates. Log handling is now atomic, and these files should no longer appear.