cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
662
Views
0
Helpful
2
Comments
Rick Wong
Cisco Employee
Cisco Employee

Hello everyone! Here are the release notes for our most recent updates to Duo. 

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out to commercial deployments. Check the Duo cloud service release version for your Duo account from the Duo Admin Panel. If you have any questions about these changes, please comment below. 

You can subscribe to notifications for new release notes by following the process described here.

Check out the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.  

 

Cisco Duo 

New Features 

Now Generally Available: Routing Rule Calculator  

The Duo Single Sign-On Routing Rules page now has an option called Routing Rule Calculator to allow you to simulate which routing rule would get picked based on a submitted email address, application, and IP address. 

Enhancements 

  • Admin API endpoint for sending enrollment links (/admin/v1/users/enroll) now uses the customer’s enrollment link setting (under “Enrollment emails” on the Settings page) as its default expiration if none is specified. The previous default value was set to 30 days.
  • Directory Synchronization now allows modifying the sync config while a sync is running. Deleting the sync is still not allowed. 
  • A new optional parameter, display_username, was added to the OIDC Auth API to allow specification of the username that will show up in the Duo Push. 

 

New and Updated Applications  

Nine new named applications with Duo Single Sign-On (SSO) 

MyWorkDrive is now ready for the Duo Universal Prompt 

  • Upgrade to MyWorkDrive 7 for Universal Prompt support. 
  • MyWorkDrive integrations will no longer show as "Waiting on App Provider" in the Universal Prompt Progress Report and instead will show "Update Required." 

Duo Authentication for AD FS version 2.3.0 released  

  • Adds the new Duo Secret Key Rotation tool in the AD FS installation directory to assist administrators with updating the application's Client_Secret to a new value when required. 
  • The Client_Secret is encrypted in the Windows registry. Previously, the Client_Secret was saved as clear text in the registry. 
  • Product installer updated to use WiX Toolset tooling. Previous releases used Advanced Installer. 
  • Adds support for Windows Server 2025. 
  • The Duo AD FS 2.3.0 installer restarts the AD FS service prior to exiting. The restart is required if upgrading from a previous version of the Duo AD FS MFA adapter. If any errors are displayed during installation, you may need to manually restart the AD FS service after install completion.

Duo Desktop 7.3.0.0 for macOS released 

  • Minor improvements and enhancements. 

Duo Desktop 7.3.0 for Windows released  

  • Minor improvements and enhancements. 

Duo Desktop public beta 7.3.1 for Windows released 

  • Minor improvements and enhancements. 

Duo Desktop public beta 7.3.1.0 for macOS released 

  • Reduced the interval for checking for automatic updates to the app. 
  • Minor improvements and enhancements. 

Duo Mobile for Android version 4.81.0 released   

  • Miscellaneous bug fixes and behind-the-scenes improvements. 

Duo Mobile for iOS version 4.81.0 released 

  • Miscellaneous bug fixes and behind-the-scenes improvements. 

 

Bug Fixes 

  • Fixed a bug where Passport sessions established by a successful authentication from Duo Authentication for Windows Logon & RDP would be affected by a blocking policy for unknown browsers, which resulted in users having to perform MFA again instead of leveraging their Passport session. 
  • Fixed a bug where admins could not re-activate Duo Mobile when Duo Mobile Passcodes were enabled as an admin login factor but Duo Push was not. 

 

Identity Security 

New Features 

  • New Check: Authenticator Registration Anomalies - During account compromise attacks, it is common for the malicious actor to enroll an authentication device in their possession on the compromised end user's account. This allows them to successfully pass potential MFA controls on their future sign-in attempts and to maintain control over the account. The “Authenticator Registration Anomalies” check aims to identify authenticator enrollments that may indicate malicious intent. 
  • New Report: Microsoft License Utilization by User - Users are often automatically granted certain Microsoft licenses when their account is created; however, if a user becomes inactive for an extended period of time, or switches roles in the organization, they typically retain the license(s) even if it is no longer needed. This report provides a summary of Microsoft license assignment for every enabled Entra user, as well as the user type (internal, external, service account, etc), the user's activity status and more to help easily identify accounts that should be prioritized for license clean up or account deletion to regain Microsoft licenses. 

 

Enhancements 

  • Improved the Sensitive Applications settings to make it easier to identify which applications were added to the list by default based on Identity Intelligence’s recommendations, and which applications have been added by a tenant admin. 
Comments
DuoKristina
Cisco Employee
Cisco Employee

Post updated to correct links to the Duo Secret Rotation Tool and Duo Desktop for macOS beta 7.3.1.0.

DuoGaryMood
Level 1
Level 1

Thank you.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links