cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4739
Views
0
Helpful
5
Comments
timshores
Cisco Employee
Cisco Employee

Hello everyone! Here are the release notes for our most recent updates to Duo.  

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out. You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below. 

Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.  

What’s in this release?

 

New features, enhancements, and other improvements 

Now in public preview: Continuous Identity Security featuring Duo Identity Security

Our integration with Cisco Identity Intelligence adds value on top of your identity and security investments like Microsoft Entra and Okta. It uses AI to analyze all identity-related activity across all accounts, all devices and IdPs to provide deep visibility into identity infrastructure and continuously inform Cisco Duo enforcement points.

 

Duo policy default updates for customers with Duo Advantage and Duo Premier editions

 

LastPass is now compatible with the Duo Universal Prompt

  • The Duo-protected LastPass application will now show that it is Ready to Activate in the Duo Admin Panel after you authenticate to LastPass with the "Use Duo Web SDK when possible" option enabled in your LastPass Duo multifactor settings.

 

New location for What's New content in the Duo Admin Panel

  • What’s New content has been relocated from the Dashboard to the Help menu, where it offers better navigation experience and is accessible from every page in the Duo Admin Panel.

  

Improvements to enrollment in the Duo Universal Prompt

  • Updated content to provide clearer instructions to enrolling users.
  • Removed the following two cards from the enrollment flow.

 

timshores_4-1715350189977.png

 

timshores_5-1715350189980.png

 

 

New and updated applications

Six new named SAML applications with Duo Single Sign-On

  

Duo Multifactor Authentication for Cisco ISE

 

Duo Authentication Proxy version 6.4.0 and version 6.4.1 released

  • Version 6.4.0
    • Fixes unnecessarily strict Connectivity Tool validation of ldap_server_auto SSL certificates.
    • Improves logged error messaging for AD DIR_ERROR responses.
    • The Authentication Proxy Manager now displays additional error information in certain failure scenarios.
    • Updates the internal build process to use scoped package names.
    • Upgrade to Cryptography 42.0.5 / OpenSSL 3.2.1 to address CVE-2024-26130, CVE-2023-50782, and CVE-2024-0727.
      • This version of OpenSSL changes the default SSL/TLS security level from 1 to 2. As a result of the default security level change, certificates with key lengths less than 2048 are no longer acceptable for inbound and outbound SSL, LDAPS, or STARTTLS connections to the Authentication Proxy. Our recommendation is that you reissue your certificates with key lengths of 2048 or greater. If you cannot update your certificates now, a workaround is available. Please see Duo KB article 8866 for details.
    • Upgrade Python to 3.11.9 to address CVE-2023-6597 and CVE-2024-0450.
    • Upgrade OpenSSL FIPS module to 3.0.9 to address CVE-2023-1255.
    • Updates various internal dependencies.
  • Version 6.4.1
    • Fixes a resource leak related to failed TLS connections in ldap_server_auto.
    • Please review the information in the 6.4.0 release note. If you experience issues with LDAPS/STARTTLS connections after installing 6.4.1, and your certificate(s) have key lengths less than 2048, see Duo KB article 8866 for a workaround.

 

Duo Network Gateway version 3.1.0 released

 

Duo Desktop version 6.7.0 released

 

Duo Desktop public beta version 6.6.1 released

 

Duo for OWA 2.1.0 released

  • Duo MFA parameters now correctly removed from the OWA URL after Duo authentication.
  • Corrects an issue affecting redirection to shared mailboxes after Duo MFA.

 

Duo Mobile for Android version 4.64.0 released 

  • Miscellaneous bug fixes and behind-the-scenes improvements.

 

Duo Mobile for iOS version 4.64.0 released

  • Miscellaneous bug fixes and behind-the-scenes improvements.

 

Bug fixes

 

timshores_6-1715350189981.png

 

  • The Policies page banner informing Duo administrators about Better protection with risk-based factor selection policy will now only appear for customers with Duo Advantage and Duo Premier editions.
 
timshores_7-1715350189982.png
Comments
DuoKristina
Cisco Employee
Cisco Employee

Post updated with the following additions:

  • Continuous Identity Security public preview
  • Information about LastPass Web SDK setting
  • Duo Desktop 6.7.0 release information
  • Duo for OWA 2.1.0 release information
DuoKristina
Cisco Employee
Cisco Employee

Duo Authentication Proxy 6.4.0 and 6.4.1 release notes in post updated to include the default security level change in OpenSSL and its new certificate key length requirement.

bjames
Level 5
Level 5

Hi,

 

Where is the documentation on Cisco Security Intelligence? I am trying to set it up but can't find any docs on it.

 

Thanks

landyn
Cisco Employee
Cisco Employee
bjames
Level 5
Level 5

Thank you!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links