With the recent release of Veeam Backup & Replication v12.2 and noted critical vulnerabilities that it fixes, many in their environments are likely looking to get their Veeam infrastructure upgraded to implement these security fixes. I wanted to put together a quick walkthrough of how to upgrade Veeam Backup & Replication 12.2 servers and the steps you want to take care of beforehand.
Fixed in Veeam Backup & Replication 12.2
There are several security fixes to note in VBR 12.2. These include the following found on the official Veeam KB found here: KB4649: Veeam Security Bulletin (September 2024):
CVE-2024-40711
Severity: Critical
CVSS v3.1 Score: 9.8
CVE-2024-40713
Severity: High
CVSS v3.1 Score: 8.8
CVE-2024-40710
Severity: High
CVSS v3.1 Score: 8.8
CVE-2024-39718
Severity: High
CVSS v3.1 Score: 8.1
CVE-2024-40714
Severity: High
CVSS v3.1 Score: 8.3
CVE-2024-40712
Severity: High
CVSS v3.1 Score: 7.8
New Proxmox VE Server Backups
There is also a great new feature in Veeam 12.2 that is something that many will want to note and that is Proxmox VE Server backups. With Veeam Backup & Replication 12.2, you can now back up your Proxmox VE servers.
This will be a great new capability for in addition to the security fixes to make upgrading sooner rather than later a priority for many organizations.
Steps Before you Upgrade to Veeam Backup & Replication 12.2
There are a few steps that need to be accomplished before you being the upgrade of your Veeam Backup & Replication servers in your environment. These include:
- Back up your Veeam server configuration
- Back up your Veeam database
Back up your Veeam server configuration
In Veeam, this is known as a Configuration Backup and it grabs all your configured backup jobs and other configuration that is part of your Veeam server. Below, you can see you have a Backup now button that allows you to take ad-hoc backups of your Veeam configuration. Generally, you should already have this scheduled, but it is still a good idea to take a fresh backup before you upgrade.
Back up your Veeam database
Next, you need to grab a backup of your Veeam database. Below, we are backing up a SQL Server database used for Veeam. This process is straightforward. You may also be using a PostgreSQL DB, so follow the directions of your database technology to back up your database before the upgrade.
Upgrade to Veeam Backup & Replication 12.2
Also, just a point to note, I uploaded the Veeam Backup & Replication 12.2 ISO to my vSphere datastore as the ISO is huge at 12 GB or so. The Veeam Backup & Replication 12.2 upgrade process seems a bit more of a stickler on disk space. In my lab environment I only had 30 gigs or so free on the C drive.
It complained about this as it said it needed 40 gigs or so free. I believe it calculates 3x the ISO and some space for the database. So, instead of having the ISO inside of Windows, I copied it up to my datastore and mounted it to the VM to save on the disk space.
Once mounted, just execute the SETUP.EXE file.
This will launch the upgrade process.
Since I only have the Veeam Backup & Replication server running, the other option for Enterprise manager is greyed out. It will also upgrade the Veeam Backup & Replication console as part of the VBR 12.2 upgrade.
Accept the Veeam Backup & Replication 12.2 EULA.
It will run through an upgrade pre-check and show you which components and versions of those components will be upgraded. Note the checkbox to Update remote components automatically. This is a time saver that you may want to check. However, if you want to be more hands on with the upgrade, you can also leave this unchecked and upgrade the components manually when you launch the Veeam Backup & Replication 12.2 console.
License file information. It will display your current license and then give you links to login or browse to a different license file if you need to change that.
System configuration check will verify prerequisites and other components that are needed.
It upgraded the Microsoft Visual C++ runtime, and needed a reboot.
After rebooting, I picked back up on the upgrade process. Here we get to the service account page. Veeam recommends the LOCAL SYSTEM account. However, if you use a Windows account, just make sure it has rights to the Veeam database in SQL Server permissions if you are using SQL Server.
Database configuration has you point the upgrade to the Veeam database and how you want to authenticate.
It lets you know the database will be upgraded during the process. This is why we take the SQL Server backup of the database just in case.
The upgrade wizard is now ready to begin the upgrade. Click Upgrade to start the process.
You will see the Step 1 of 6 and then see it progress through 2, 3, 4, 5, 6, and so on.
Step 3…I missed step 2…which I believe is upgrading the VBR console.
Now Step 4, upgrading Veeam Agents Redistributables…
Step 5, upgrading plug-ins for Veeam Backup & Replication 12.2.
The upgrade process completes successfully.
If you chose not to upgrade remote components automatically, when you log into the Veeam Backup & Replication 12.2 console, you will see the wizard prompt you to upgrade those components.
Wrapping up
The upgrade process to Veeam Backup & Replication 12.2 is straightforward. Just do your proper steps before the upgrade process like backing up the configuration and the database to make sure you have a way to roll back in case something happens. Otherwise, it is just a matter of mounting the ISO, and then stepping through the upgrade steps in the process.
