ConnectWise is updating the digital signing certificates used in ScreenConnect, ConnectWise Automate, and ConnectWise RMM due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions.
In addition to issuing new certificates, ConnectWise is releasing an update to improve how this configuration data is managed in ScreenConnect. This issue does not involve a compromise of their systems or certificates (including the event described in our May 28, 2025 Security Advisory). However, based on recent requirements from ConnectWise technology partners, they are required to rotate our certificates by Friday, June 13 at 8:00 p.m. ET. ConnectWise received this extended deadline Monday evening.
Read more…
Source: ConnectWise
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Hackers Started Using “SambaCry Flaw” to Hack Linux Systems
June 10, 2017
Two weeks ago we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software (re-implementation of SMB networking protocol) that allows a remote hacker to take full control of a vulnerable Linux and Unix machines. To know more about the SambaCry vulnerability (CVE-2017-7494) and how it works, you can read our previous article. At ...
- Group Behind NSA Dump That Led to WannaCry Opens 0-Day Exploit Subscription
May 30, 2017
Infamous hacking group Shadow Brokers has promised to release more zero-day exploits, such as the one that has made life a misery for some 300,000 people across the world via WannaCry. Now, the group isn’t just after wreaking havoc, but also after making some money, since the releases will be made for a special club ...
- Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication
May 30, 2017
What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn’t it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google’s ...
- Yahoo Retires ImageMagick After Exploit Leaks Email Content
May 22, 2017
Yahoo is once more at the center of a security scandal after an ImageMagick library exploit was found leaking user email content. The discovery was made by security researcher Chris Evans, who demonstrated the exploit, showing just how easy it was to break Yahoo’s system to trigger email information leaks. Yahoo has since retired the use of ...
- Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak
May 10, 2017
Cisco Systems has finally released an update for its IOS and IOS XE software to address a critical vulnerability, disclosed nearly two months back in the CIA Vault 7 leak, that affects more than 300 of its switch models. The company identified the vulnerability in its product while analyzing “Vault 7” dump — thousands of documents ...
- ‘Crazy bad’ bug in Microsoft’s Windows malware scanner can be used to install malware
May 9, 2017
Miscreants can turn the tables on Microsoft and use its own antivirus engine against Windows users – by abusing it to install malware on vulnerable machines. A particularly nasty security flaw exists in Redmond’s anti-malware software, which is packaged and marketed in various forms: Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center ...