Service Announcements include changes that must be made to a SecureAuth IdP appliance or environment in which it resides; and Vulnerabilities include outside issues that may or may not affect SecureAuth, and workarounds or resolutions to those that do affect the product.
Knowledge Base Articles
- SecureAuth security advisory – Apache Log4j vulnerability
- SecureAuth security advisory - Machine Key Randomization
- SecureAuth security advisory - AngularJS client-side template injection
- SecureAuth recommendations for Windows patches
- Is SecureAuth IdP Impacted by the ROBOT Attack Vulnerability?
- IMMEDIATE ACTION REQUIRED: MFA Root 3 Certificate Expiration
- SHA 1 Appliance Certificate Update Procedure
- Deprecation of KEYGEN Functionality in Google Chrome v49
- Is SecureAuth IdP Impacted by the Badlock Bug?
- Is SecureAuth IdP Impacted by the DROWN Attack?
- SecureAuth IdP SHA256 Cloud Web Service
- Clickjacking Vulnerability and SecureAuth IdP
- Microsoft Windows Updates for MS15-034 and MS15-041
- Is SecureAuth IdP Impacted by the "FREAK" Vulnerability (CVE-2015-1637)?
- Microsoft SChannel Remote Code Execution Vulnerability
- SecureAuth Algorithms for FIPS Compliance
- SecureAuth IdP Issue with OpenSSL Heartbleed Bug
- SecureAuth Hosted Services - Security FAQ
- Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability
- SSL/TLS Information Disclosure (BEAST) Vulnerability
- ASP.NET Padding Oracle Vulnerability