Reading Time: 5 minutes

Veeam has just released a new build for Veeam Backup & Replication 12.3.1.1139. You can check the installed build number in the Veeam Backup & Replication Console’s Main Menu () under Help > About.

The first reason of this release if to fix the CVE-2025-23120 issue: a vulnerability allowing remote code execution (RCE) by authenticated domain users. This issue is critical and has a CVSS v3.1 Score  of 9.9!

Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds are affected by this issue.
Note: Unsupported product versions are not tested, but are likely affected and should be considered vulnerable.

Note: This vulnerability only impacts domain-joined backup servers, which is against the Security & Compliance Best Practices.

New features and enhancements

Platform Support
  • VMware vSphere 9.0 readiness based on the pre-release builds. The official support will be confirmed with a full regression testing of the GA build when it becomes available. This article and KB2443 will be updated with a support statement following that.
  • IBM Db2 plug-in now supports Db2 version 12.1 and SLES 12 SP5.
  • SAP HANA plug-in now supports SAP HANA 2.0 SPS 08 and SLES 15 SP6 for SAP HANA on IBM Power.
Microsoft Entra ID Backup
  • Protection of conditional access policies has been backported from the next major release, where it will become available as an option in the user interface. For more information on how to enable this functionality, review this section of the User Guide.
    Note: This functionality is only available for Essentials, Advanced, and Premium editions.
  • License consumption logic was updated to no longer consume licenses for external (guest) users and disabled users. Any licenses associated with previously licensed objects will be released automatically 30 days after installing 12.3.1. Alternatively, you can revoke these licenses immediately using the License Information dialog.
Nutanix AHV
  • Removed the experimental support designation for malware detection, guest file indexing, and application-aware processing, except database log file shipping, which will still be considered experimental.
    Note: The experimental status removal does not retroactively apply to existing 12.3.0 installs and requires updating to 12.3.1 due to the included related bugfix.
Proxmox VE
  • Updated ProxmoxVE plug-in enables the usage of non-root users to register Proxmox, support for Open vSwitch (OVS) networking, Object Storage API (SOSAPI), Nested Pools for backup jobs scope, and brings further backup performance improvements. For more information, please refer to KB4721.
VMware vSphere
  • Instant VM Recovery engine improvements deliver a 5x increased number of simultaneous instant VM recoveries: up to 1000 VMs per backup server and up to 200 VMs per vPowerNFS server. The readiness check for VM migration to production storage has also been optimized to improve performance.
  • Automatically disconnect vPower NFS datastores after Instant VM Recovery sessions are completed, reduce alarms or misleading capacity planning calculations caused by disconnected vPower NFS datastores. To configure, create the following registry value on the backup server:
    Key Location: HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
    Value Name: vPowerNFSUnmountDatastore
    Value Type: DWORD (32-bit) Value
    Value Data: 1
Malware Detection
  • Custom Internet proxy support has been added for downloading updates to the Veeam Threat Hunter threat signatures. To configure, create the following registry value on the Mount Server:

    Key Location:     HKLM\ SOFTWARE\Veeam\Veeam Threat Hunter\
    Value Name: VTHInternetProxy
    Value Type: String Value (REG_SZ)
    Value Data: <proxy>:<port>

    Note: The system-wide Internet proxy settings are now also respected; see the Resolved Issues section below.
Object Storage
  • Automatic bucket creation mode is now used by default for newly created S3-compatible object storage repositories.
  • Improved object storage compatibility by allowing the backup server to ignore errors caused by S3-compatible object storage using unconventional storage class names. This can be enabled by creating the following registry value on the Veeam Backup Server:

    Key Location:     HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
    Value Name: S3IgnoreCustomStorageClasses
    Value Type: DWORD (32-bit) Value
    Value Data: 1
Secondary Storage Integrations
  • Dell Data Domain DD OS versions 8.2 and 8.3 support added for Data Domain integration as a backup repository.
  • Microsoft SQL Server plug-in performance improvements when writing to deduplication appliances, thanks to leveraging parallel streams, each using its own VAB file, even when backing up a single database.
Unstructured Data Backup
  • Metadata captured by the Amazon S3 Metadata service is now included in object storage backups to ensure comprehensive bucket data protection.
Configuration Database
  • TLS connection support for the PostgreSQL configuration database has been added for improved security when hosting the database on an external server.
Email Notifications
  • OAuth 2.0 support for nonstandard Azure regions, including the U.S. Government, China, and Germany, is now available for email notifications. To enable this, create the following registry value on the Veeam Backup Server:

    Key Location:     HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
    Value Name: EmailNotificationMicrosoftCloudInstance
    Value Type: String Value (REG_SZ)
    Value Data: <desired_region_name>
Setup
  • New ISO-based update distribution reduces downtime by accelerating update installation and eliminates the additional disk space requirement on the backup server, which was previously needed for unpacking the update before its installation.
  • Windows Script Host no longer needs to be temporarily enabled to install product updates.
Veeam Vault
  • Added automatic upgrade of Veeam Vault V1 backup repositories (shared keys authentication) to V2 (Entra ID authentication) for added security and improved user experience.
API
  • New REST API capabilities includechanging existing password records, rescanning all backup repository types, downloading metadata for Unstructured Data backups, and performing backup deletion.
  • New PowerShell capabilities include connection to Veeam Vaults, querying, and restoring protected Microsoft Entra ID conditional access policies.
Share

Related Posts

  • Veeam Backup & Replication 6

    Alla fine, dopo varie settimane dall'annuncio, Veeam Backup & Replication 6 è disponibile per il download (da ieri). Per maggiori informazioni sulle nuove funzionalità vedere (in inglese): What's New in v6 http://blog.mwpreston.net/2011/11/21/veeam-v6-whats-new/ http://www.veeam.com/blog/veeam-backup-replication-v6-what-a-list-of-new-and-improved-features.html Probabilmente la novità più nota e chiaccerata è il supporto multipiattaforma per…

  • Veeam Backup & Replication 12

    On Febrary 14th, Veeam has announced the availability of Veeam Backup & Replication 12. For more information see the release notes document. The release version of Veeam Backup & Replication 12 is available for download at starting from February 14, 2023. Veeam Backup & Replication…

  • Veeam Backup & Replication 6.5

    Veeam has recently released the new version of his backup product, announced during the VMworld EU and with several new features. Also it include new compatibility matrix: New hypervisor support: VMware vSphere 5.1 and Windows Server 2012 Hyper-V To download the product, or the trial go to the…