Hello everyone! Here are the release notes for our most recent updates to Duo. 

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out to commercial deployments. You can subscribe to notifications for new release notes by following the process described here. Check the Duo cloud service release version for your Duo account from the Duo Admin Panel. 

If you have any questions about these changes, please comment below. 

Review the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.  

• Cisco Duo
• Android 12 End of Life
• New Features
• Now Generally Available: Chrome OS support is included with Chrome Enterprise as a health data source only.
• Now Generally Available: Added a new page in the Devices menu called Device Data Sources
• New Features Available in Duo’s Federal Editions
• Enhancements
• New and Updated Applications
• New Duo Single Sign-On Applications
• Duo for Outlook Web App (OWA) version 2.2.0 Released
• Duo Unix - Two-Factor Authentication for SSH v2.1.0Released
• Duo for Remote Desktop Web version 3.1.0 Released
• Duo Authentication Proxy 6.5.1 Released
• Duo Desktop 7.7.1.0 for macOS Public Beta Released
• Duo Desktop 7.7.1 for Windows Public Beta Released
• Duo Authentication for Windows Logon v5.1.1 Released
• Duo Mobile for Android 4.90.0 Released
• Duo Mobile for iOS 4.90.0 Released
• Bug Fixes

Cisco Duo

Android 12 End of Life

• Android 12 now marked end of life in Operating Systems policy. 

New Features 

Now Generally Available: Chrome OS support is included with Chrome Enterprise as a health data source only. 

Now Generally Available: Added a new page in the Devices menu called Device Data Sources 

• Administrators can configure Chrome Enterprise to successfully communicate with the Duo prompt for health checks, as well as enable Chrome Enterprise as a device data source. 
  
  

New Features Available in Duo’s Federal Editions  

• Federal customers can now configure Admin Session Timeout. 

Enhancements 

• Updated Duo Desktop policy to Duo Desktop & device health policy. 
• This update is to enable support for device data sources beyond Duo Desktop, namely Chrome Enterprise browser. 
   
  
  
• The various Admin API endpoints that return Administrators will now include the field phone_details which will have more detailed information about the admin’s phone. It will be in the same format and contain the same content as the phone's field on the users' responses.
• Android 12 

New and Updated Applications 

New Duo Single Sign-On Applications 

• There are six new named SAML applications: Adobe Learning Manager, Cisco Intersight, Emma, Redbooth, Yodeck, and OLOID.
  

Duo for Outlook Web App (OWA) version 2.2.0 Released 

• Adds support for new Duo certificate authorities. 

• Adds the Duo Secret Key Rotation tool in the OWA installation directory to assist administrators with updating the application's Client Secret to a new value when required. 

• The Client Secret is encrypted in the Windows registry. Previously, the Client Secret was saved as clear text in the registry. 

• Supports Windows Server 2025. 

Duo Unix - Two-Factor Authentication for SSH v2.1.0 Released 

• Improves certificate validation for IP hostnames to mitigate CVE-2014-0139. 

• Duo Unix obeys rate limiting replies from the Duo cloud service. 

• The full path to the configuration file is logged out when Duo Unix is invoked. 

• API calls to Duo will account for possible time drift between Duo and the local server. 

• Adds support for new Duo certificate authorities. 

• Adds package support for Centos Stream 10, Fedora 41, and Fedora 42. 

• Ubuntu 20.04, Fedora 39, and Fedora 40 support is deprecated and will be removed in the next release.  

Duo for Remote Desktop Web version 3.1.0 Released 

• Adds support for new Duo certificate authorities. 

• Adds the Duo Secret Key Rotation tool in the RD Web installation directory to assist administrators with updating the application's secret key to a new value when required. 

• Adds encryption to the secret key in the Windows Registry. 

Duo Authentication Proxy 6.5.1 Released 

• Adds support for new Duo certificate authorities. 

Duo Desktop 7.7.1.0 for macOS Public Beta Released  

• Added collection of CrowdStrike Agent ID for future Trusted Endpoints integration.  

• Minor fixes and updates.   

Duo Desktop 7.7.1 for Windows Public Beta Released  

• .NET version collection now collects all installed .NET runtimes. 

• Improved logging whenever the app validates the signature of an incoming request. 

• Minor improvements and enhancements. 

Duo Authentication for Windows Logon v5.1.1 Released 

• Fixed security issues with trace and debug logging. 

• Improved password change and password reset experience. 

• Fixed issue where the Duo authentication window renders transparently. 

• Improved experience when passwordless authentication times out. 

• Removed auto logon feature for passwordless. Users should click “Sign in” to initiate passwordless authentication. 

• Improved experience for passwordless-enrolled users who log in via “Other User”. 

• Adds support for new Duo certificate authorities.  

Duo Mobile for Android 4.90.0 Released 

• Miscellaneous bug fixes and behind-the-scenes improvements.
  

Duo Mobile for iOS 4.90.0 Released 

• Miscellaneous bug fixes and behind-the-scenes improvements. 

Bug Fixes 

• In D314, we started preventing directory syncs from taking over users from other directory syncs unless the other sync had its automatic syncs paused. Starting in D316, we also allow syncs to take over users belonging to any other sync if they are in the Trash. 

• Cohesity: Certificate expiration for the Cohesity SAML application is now set to 10 years. 

• The Endpoints page no longer experiences unintended scrolling when the “out-of-date” drop down is clicked.