Hello everyone! Here are the release notes for our most recent updates to Duo. 

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out. You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below. 

Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.  

New features, enhancements, and other improvements 

Now generally available: Trusted Endpoints support for Chrome Device Trust Connector for ChromeOS, Windows and MacOS 

• Passwordless compatibility will be included in a future release. 

Now generally available: Duo Mobile with time-based one-time passcodes (TOTP) 

• Duo administrators can now enable time-based one-time passcodes (TOTP) generated by the Duo Mobile app instead of HMAC-based one-time passcodes (HOTP) for Duo-protected applications. 
• For customers who sign up after May 2024, the Passcodes setting will not be visible in the Duo Admin Panel and cannot be changed, and the permanent default is to only accept TOTP Duo Mobile passcodes. 

Update to Duo Desktop

• Now in public preview: Duo Desktop supports Windows Server and virtual machines.

Blocking malicious physical devices from authenticating 

• Duo’s Security Data Science team, in collaboration with Talos, has identified devices matching unique device fingerprints known to be associated with ongoing attacks against Duo customers. 
• Attempted authentications from these identified devices will be marked as fraudulent; in the Authentication Log in the Duo Admin Panel the Result column will show the authentication as “Denied: Known malicious device detected and blocked.” 
• Accounts with email notifications enabled in the Lockout and Fraud settings will send an email notification to the specified recipients. 

Updates to the Duo Admin Panel 

• In anticipation of Duo Trust Monitor moving under the Monitoring tab on June 20, 2024, administrators will now see a banner in Duo Trust Monitor alerting them to the upcoming change.  

Administrators will see a banner about Trust Monitor moving.

• In Trusted Endpoints, references to MobileIron Cloud have been updated to Ivanti Neurons for MDM, and references to MobileIron Core have been updated to Ivanti Endpoint Manager Mobile. 

Update to the Universal Prompt Progress report 

• SailPoint Web apps are now displayed as Update required in the Universal Prompt Progress report. 

Update to the Duo Admin API 

• /admin/v1/settings endpoint can now support changing the customer name. 

New and updated applications 

Three new named SAML applications with Duo SSO 

• There are now named SAML applications to protect Cohesity, Dynatrace and Heroku with Duo Single Sign-On (SSO), our cloud identity provider. 
• Reminder: Duo Access Gateway reached the last date of support on October 26, 2023. The DAG end-of-life milestone scheduled for March 30, 2024, has been canceled. At this time, existing DAG applications continue to work after March 30, 2024. Please see the Guide to Duo Access Gateway end of life for more details. 

Duo Desktop for Linux version 4.0.0 released 

• Duo Desktop security agent detection is now supported on Linux. 

Duo Mobile for Android version 4.65.0 released 

• Miscellaneous bug fixes and behind-the-scenes improvements. 

Duo Mobile for iOS version 4.65.0 released 

• Miscellaneous bug fixes and behind-the-scenes improvements. 

Bug fixes 

• Fixed a bug where users authenticating in the Edge browser on iOS could be incorrectly blocked by iOS software policy due to the Edge browser not reporting a complete iOS version number. 
• Fixed a block that kept the Splunk integration type from accessing protected Auth API v2 endpoints.