A preventive decision was made to increase security and minimize the risk for both ITRS and our customers by not including the operating system itself in our downloads. With this change, we achieve a smaller attack surface and security is improved for our customers. We are committed to the security of our product although it unfortunately, in this case, comes at a price of inconvenience.
Who is affected
OP5 Monitor customer who in the past has relied on the ISO/OVA images for their operation or evaluation are affected. Looking at the download statistics for OP5 Monitor we have seen that the tar-ball is much more popular compared to the ISO/OVA. This means that a majority of the customer base already prepare their own operating system installations.
A specific set of customers that may be affected are those that have offline installations of OP5 Monitor and has used the ISO/OVA in the past to not only update OP5 Monitor but also update the operating system. For guidance in this use case, please have a look at this article here.
What do I need to do now
If you have been relying on the ISO/OVA files in the past, you now need to handle operating system updates and installations separately. For new installations, you will have to download and install the operating system from official sources, and then use the instructions in this article here to install OP5 Monitor as an application.