VMware Workspace ONE UEM Release Notes provide information on the new features and improvements in each release. This page includes a summary of the new features in 2212, issues resolved, and known issues.

When can I expect the latest version?

We strive to deliver high-quality products, and to ensure quality and seamless transitions, we roll out our products in phases. Each rollout may take up to four weeks to accomplish and is delivered in the following phases:

  • Phase 1: Demo and UATs

  • Phase 2: Shared SaaS environments

  • Phase 3: Dedicated latest environments

This version is initially available only to our SaaS customers on Latest mode. The features and improvements incorporated in this version will be available to our on-premises or managed hosted customers with the next on-premises release. For more information, see the KB article. Workspace ONE UEM 2212 release will also be an on-premises release.

Getting Ready for Apple Major OS Updates 2022

Interested to learn about the recent Fall 2022 releases for Apple? See Getting Ready for Apple Major OS Releases 2022 for more information.

What's New


  • We've enhanced certificate retrieval for Entrust and OpenTrust PKI.

    To support retrieving and deploying past S/MIME certificates to devices (for decrypting older S/MIME emails encrypted with a past, expired certificate), you can now enable For S/MIME on the certificate template for Entrust and OpenTrust PKI CAs. This checkbox on the certificate template determines whether historical certificates are retrieved or not. Additionally, all existing EntrustPKI V9 and Opentrust PKI CA's will have the For S/MIME checkbox checked through the one time migration.

  • Conditional Access Support for On-Premises UEM Console in a Closed Network Environment.

    On-premises customers with closed network UEM console environments can now enable Microsoft Azure AD conditional access by enabling feature flag ConditionalAccessClosedNetworkSupportFeatureFlag. With this feature, customers with closed network UEM console are no longer required to create a publicly resolvable UEM console URL for VMware Workspace ONE Intelligence to reach out to over port 443. For more information, see Use Compliance Data in Azure AD Conditional Access Policies.

  • A new dashboard for Windows and macOS!

    On the Devices Dashboard page of the Workspace ONE UEM console, you can now see newly added dashboards. These dashboards display the number of iOS devices running each version.

  • Getting Started with VMware Identity Services in Workspace ONE UEM

    We’ve added a service that makes user and group provisioning easier! You can now leverage VMware Identity Services to configure your single, provisioned directory of users and groups using the SCIM 2.0 protocol in the Workspace ONE cloud admin console. VMware Identity Services will automatically provision users and groups, and authentication settings, to your Workspace ONE UEM console. You manage the directory from the Workspace ONE cloud admin console. Directory, user, user groups, and identity provider settings in Workspace ONE Access and Workspace ONE UEM become read-only. For more information, see the VMware Identity Services Release Notes.

    VMware Identity Services supports the following identity providers and directory sources:

    • Azure AD, a cloud-based identity service in Microsoft Azure

    • Generic SCIM 2.0 Identity Source


  • Deploying iOS profiles is now easier and faster with the new data-driven user interface.

    With the new Data-Driven User Interface (DDUI) user experience, you can now quickly add payloads, search, and view profile summaries. Keep an eye out for this new iOS user experience for shared SaaS. We intend to add more payloads and keys released by Apple to Workspace ONE in the future, allowing administrators to deploy much more quickly. This functionality will have a gradual rollout across Shared SaaS. For more information specific to iOS profiles, see iOS Device Profiles.


  • We've made changes to passcode content requirements for Android devices.

    A new Passcode Complexity setting is now available in the Work Passcode and Device Passcode sections of Passcode Profile. This feature lets you determine whether you want basic or advanced password settings on the devices of your users. For more information, see Android Passcode Profile.


  • We’ve enhanced and improved Bitlocker.

    We've added the ability to configure encryption of removable drives in the Workspace ONE UEM console through the BitLocker To Go settings. You can now customise the encryption method, minimum password length, and the ability to encrypt only used space.

  • Workspace ONE UEM 2212 adds support for Windows 10 virtual machines running on Amazon WorkSpaces. 

    For Windows 11, Amazon WorkSpaces does not yet provide an option for Windows 11 virtual machines. Therefore, support has not been validated by VMware for Workspace ONE UEM on Amazon WorkSpaces for Windows 11. BitLocker management, licensing and basic user profiles are not supported by Amazon WorkSpaces


    Amazon WorkSpaces virtual machines have specific restrictions they enforce which will prevent UEM from modifying these settings.


  • Workspace ONE UEM 2212 adds support for Linux virtual machines running on Amazon WorkSpaces.

    Both Ubuntu and Amazon Linux 2 WorkSpaces instances are supported with UEM. 


    UEM is unable to determine whether an Amazon WorkSpaces virtual machine is encrypted. This will be included in a future UEM release.

Before You Begin

The Workspace ONE Unified Endpoint Management (UEM) console supports the latest stable builds of the following web browsers.

  • Chrome

  • Firefox

  • Safari

  • Microsoft Edge

Comprehensive platform testing has been performed to ensure functionality using these web browsers. If you run the UEM console with an older version browser or on a non-certified browser, you can experience minor issues.

Resolved Issues

Resolved Issues for 2212

  • AAPP-15032: tvOS DDUI Unknown Certificate Type.

  • AGGL-11827: Unbinding G-Suite Android EMM Registration failed.

  • AMST-37821: Device details page wrongly shows compromised status as "Not Compromised" where it should be "Unknown".

  • CMSVC-16654: Smart Group deletion fails when workflow deleted assignment present for the device and application.

  • AAPP-15095: App details are not getting pre-filled when uploading internal app in UEM 22.09 or above.

  • UM-7787: LDAP Definition delete fails due to FK constraint.

  • MACOS-3459: macOS DDUI security and privacy profile is failing to install on MACOS devices.

  • FCA-204402: Unable to add Directory accounts with SAML only integration.

  • CRSVC-33035: Certificate revocation not working for OpenTrust.

  • CRSVC-33876: Post Workspace ONE UEM upgrade to 2209, servers hosted on 2012 R2 fail health checks.

  • CRSVC-33755: If the filter is changed after you upgrade to Workspace ONE UEM 2210 release, the event data will not be populated until refreshed.

  • ARES-23988: Android Public Application Assignment was not working as expected.

  • ARES-23915: Unable to enable CDN for a customer type OG.

  • MACOS-3460: Few keys failed to populate while editing network profiles.

  • ARES-23951: Internal app publish failed due to duplicate key insert error.

  • ARES-23996: Unable to preview Terms of Use while deploying any apps.

  • FCA-204417: Workspace ONE UEM console unexpectedly exports all the admin accounts, irrespective of the current admin role in the Workspace ONE UEM 2210 release.

  • PPAT-12882: During an upgrade, tunnel migration encounters data error.

  • FCA-204401: "Open Help Page" link on the Internal app details view page leads to a broken documentation link (404 error).

  • ARES-23860: Specific stored procedure displays collation error during an environment upgrade.

  • RUGG-11607: Workspace ONE UEM 2206 release, the files downloaded from Files or Actions were empty.

  • CMCM-190239: When all contents in a category are assigned to a User Group, the category failed.

  • FCA-204401: Admin email address field does not accepts + and many more symbols.

  • FCA-202372: Moving a device to a different OG failed when device wipe was triggered.

  •  AGGL-13259: Android Hub auth token gets revoked when the Hub assignment is removed.

  • MACOS-3284: AirWatch CA Template does not populate.

  • MACOS-3378: Certificate is not referenced correctly in the Network payload.

  • MACOS-3385: Network profile lookup values were not resolved.

  • CMSVC-16550: Smart Group Assignment on Checkout fails when the smart group criteria contains Device Model.

  • CMSVC-16558: Workspace ONE Intelligence Tag Automation failed with HTTP error in Workspace ONE UEM during an API call.

  • CMEM-186728: Can Microsoft Exchange integration account password of other tenants through API Endpoint.

  • FS-1766: Removing application request causes Device Details page to fail.

  • RUGG-11528: Wallpaper set up using launcher persists on the device even when removed.

  • AMST-37639: Unable to install user profile. Receiving error when trying to push manually.

  • AGGL-13268: Unable to upload Calculator application from the internal apps section.

  • AGGL-13339: Unmanaged apps can be removed from UEM console when the app was previously managed.

  • AAPP-14986: Increased DS memory usage was observed after upgrade to Workspace ONE UEM 2209 release.

  • ARES-23277: Increase the SP timeout for procedure.

  • CRSVC-33499: Unable to save syslog settings with hostname due to error Save failed Invalid Host name.

  • UM-7632: Unable to see users at the parent OG level using API/system/users/search after changing user group permissions.

  • FCA-204007: Unable to pull storage information with API.

  • ARES-23708: TOU page fails in the Workspace ONE UEM console.

  • ARES-23741: Troubleshooting event for Component Profile fetch shows wrong user information.

  • ARES-23063: Text overlap in the profile assignment list view.

  • ARES-23645: After upgrade to Workspace ONE UEM 2203 release, the profiles failed to be removed during the first attempt.

  • RUGG-11472: Apps API returned both Elective Products and Required Products for macOS Hub Catalog.

  • CMSVC-16621: Optimize Assign/Unassign Tag Device APIs to remove unnecessary Device List DB call.

  • RUGG-11520: Limit page size for custom attribute search API.

  • FCA-204004: Event Data modal was not getting loaded for device and console events.

  • RUGG-11581: Editing Launcher layout by deleting rows leads to the Launcher being unable to launch when the “Add Row for Pinned Apps” is enabled.

  • INTEL-43347: Display Last Checked Out Username in Workspace ONE UEM Devices data in Intelligence.

  • AAPP-15010: Devices enrolled with the Default Staging account do not prompt for login. Device Staging was disabled in the database.

  • AMST-37542: Device compliance status for baselines was switching from compliant to non-compliant mode.

  • AGGL-12098: Request to increase the maximum character limit for fields in the Chrome Browser settings profile.

  • FCA-204272: Custom device activation template was not sent sent to the devices that were enrolled through SSP.

  • AAPP-15027: Certain VPP Apps are stuck in Pending Check.

  • CMCM-190220: Duplicate key error occurs when content map data has >1 status.

  • UM-7697: Assignments based on user group do not update name when name of user group is changed.

  • UM-7697: AirWatch Purge expired Sample Data SQL job was failing.

  • AGGL-12919: Android build version field was blank while exporting CSV/XLSX with custom layout.

  • PRFL-18: Adding excluded smart group in the profile payload causes the page to crash if the same smart group was already added to the included smart group.

  • AMST-37551: Adding a new version for win app failed in certain scenarios (EAR or change icon). Patch Resolved Issues

  • AMST-38045: Dropship Online Self Service not working on multiple shared SaaS environments.

  • CMCM-190304: Date and time format is not localized under edit content repository template page.

  • AAPP-15235: Device details information must be fetched and displayed.

  • AMST-38009: Unable to modify and save the install command for Windows app.

  • FS-2528: Unable to add more than 20 resources for Windows devices.

  • PPAT-12973: STR with multiple port ranges are separated into multiple lines.

  • CMEM-186750: MEM RunCompliance pushing the managed devices into the blocked state when MEM Compliance is enabled. Patch Resolved Issues

  • INTEL-45766: Customer reporting device hostname is incorrect and inconsistent in the Intelligence platform.

  • ARES-24397: SP called too many times adding to database contention.

  • UM-7814: Migrate from access token to jst tokens scim APIs.

  • AAPP-15071: tvOS DDUI Unable to upload .pem, .p12 certificates. Patch Resolved Issues

  • ENRL-3683: Notifications are not sent for enrollment lifecycle.

  • UM-7836: VMware Identity Service UI is not able to save Azure settings.

  • MACOS-3586: Disk encryption status is not in right format.

  • MACOS-3561: Rocket space man error when tried accessing Security tab for macOS device.

  • AMST-38160: Hub not showing device as enrolled and not receiving apps/profiles.

  • AMST-38170: Location option missing in Bulk management for Windows devices.

  • RUGG-11774: Product - Save fails when trying to create a delete file Manifest in File/Actions with an Absolute Path on Console v22.10.

  • MACOS-3572: macOS - Add support for new hardware released.

  • INTEL-46368: DB Patch failing with PK constraint error on upgrade.

  • CRSVC-34950: Enhance OAuth log for pin pointing error source.

  • AMST-38180: Antivirus and Firewall status are failing periodically.

  • AGGL-13814: Cannot view XML or install Android profile containing both VPN and Credentials payloads.

  • ARES-24508: InstallEnterpriseApplication failures for macOS.

  • PPAT-12919: DTR updates are not consistently consumed by Windows devices.

  • PPAT-13439: iOS VPN Profiles have the incorrect DTR ruleset getting applied for devices.

  • CMEM-186769: PowerShell integration with Modern Authentication failing for O365 Tenants.

  • MACOS-3553: MacOS DDUI login window profile is failing to install on device with error.

  • AMST-38183: Migration message appears after 22.10 update - without FF.

  • FCA-204696: General search returns ASCII value for apostrophe in the device friendly name.

  • ARES-24475: Unable to see any installed apps in Apps section in UEM console. Patch Resolved Issues

  • AMST-38162: Seed 22.10.4 HUB to UEM console.

  • ARES-24650: Unable to renew provisioning profile on internal iOS apps.

  • FCA-204727: Incorrect alignment of app assignment columns.

  • AAPP-15353: User-enrolled iPad devices are not showing device model details on the Device friendly name and under Device Model.

  • CRSVC-34953: DeviceStateMigrationService leading to 100% CPU usage on the node.

  • CMSVC-16771: Unable to load Assignment Groups list view and unable to load Assignment Groups in app assignments. Patch Resolved Issues

  • AAPP-15401: Existing apps gets hidden on a Shared iOS device when a new VPP app is assigned.

  • AMST-38174: Evaluate and update Enterprise Reset and DeviceGaurd check in the enterprise reset flow.

  • AMST-38286: Workspace One Catalog not displaying Custom Category when added to Windows Script.

  • ARES-24502: Enterprise Application Repository is no longer able to add iTunes application.

  • MACOS-3605: Spaceman error when loading Accounts > Users > List view. Patch Resolved Issues

  • AMST-38337: Baseline compliance report generation on fully compliant devices refreshes the baseline policies and switches the status to Pending Install.

  • ARES-24702: Unable to view/edit Credential Profile in UEM.

  • AAPP-15387: Beacon sample should trigger Device Info sample but should not save OS data.

  • CRSVC-35245: AWCM Test Connection stops working after console runs for a few days.

  • MACOS-3613: DDUI - VPN payload "Provider Designated Requirement" field has a maximum character limit of 255.

  • AAPP-15425: Post Console Upgrade from 22.06 to 22.09 VPP Assignment is not working as expected.

  • FCA-204781: Console app pool is terminating with unhandled exception.

  • AMST-38342: Computer name field missing for Windows devices. Patch Resolved Issues

  • UM-7885: CN URL is shared with VMware Identity Service to call API end-point.

  • ARES-24750: Terms Of Use list view inaccessible and Terms Of Use reporting shows inconsistent results.

  • FS-2747: Conditions are not evaluated with macOS Freestyle.

  • ARES-24780: Data corruption while loading data from table.

  • AMST-38397: Gateway throttling for Managed Apps sample.

  • CMCM-190373: Unable to download managed content uploaded to CDN from UEM console.

  • CMEM-186787: MEM O365 test connection failing due to missing environment name for existing configuration.

  • AMST-38368: Seed 22.06.20 SFD to UEM console. Patch Resolved Issues

  • CRSVC-35769: Device compliance status is marked as Unknown post enrollment.

  • CRSVC-35959: Refactor EventLogService to use concurrent bag.

Known Issues

  • AAPP-15138: Installation count has not updated for Apple Books.

     When deploying books to Apple devices, book status incorrectly displays as "uninstalled" despite the book being installed and available to the end user. This is a cosmetic issue and does not prevent the ability to deploy books.

    There is no current workaround for this issue.

  • AMST-37856: Device details page wrongly shows compromised status as "Not Compromised" where it should be "Unknown".

    The compromised Status of the windows Device is derived from the sample (HAS and windows security sample). When Device has not reported the sample, the compromised Status should be unknown but currently shows as "Not Compromised".

    There is no current workaround for this issue.

Support Contact Information

To receive support, access VMware Customer Connect. To learn more about the support policies, see Support Policies. For information about filing a Support Request in Customer Connect and using Cloud Services Portal, see the VMware knowledge base article at here.


To learn more about Workspace ONE UEM you can browse the following documentaion link

check-circle-line exclamation-circle-line close-line
Scroll to top icon