The last months a smaller number of vulnerabilities have been discovered in Net iD Enterprise, and for those SecMaker promptly released updated versions with fixes for the vulnerabilities (service releases v6.0.1 to v6.0.3).
During the summer/autumn further reviews of the included features have been made to prevent for possible future vulnerabilities and as a result a security update of the software has been developed.
The security update mainly concerns an extended control mechanism for Net iD Plugin that makes it easier to control and lock included features.
The goal is to be able to handle future urgent updates of the software through recommendations regarding reconfigurations rather than through upgrades.
Version 6.1 also includes protection against some additional possible vulnerabilities.
For security reasons all customers are recommended to upgrade to Net iD Enterprise v6.1 in their user environments.
One major factor behind Net iD Enterprise’s success is the product’s great flexibility and the possibility to customize configurations to each organization’s unique system environment and needs.
Since the usage of some of the features have been limited or completely removed, as they have been considered as unsecure in our review, it may result in a need for changes in your configurations/implementations to keep Net iD Enterprise working smoothly for the users.
It is therefore vital to test the new version before deployment to verify that the stricter controls in the software do not cause any problems in your user environments.
The new security update may for example cause reappearing control questions regarding connection to some servers that have not been authorized in advance and it is therefore necessary to identify such authorized servers before deployment.
It is important for you to report possible problems to SecMaker to give us the possibility to help you with adjustments of the configurations or give you other advices if needed.
For more in-depth information regarding the security update and how the new configurations work see https://service.secmaker.com/securityupdates/.
Other new features in Net iD Enterprise v6.1are:
– Support for Microsoft Windows 8.1 and Internet Explorer 11, see Known Limitations in Release Notes.
– Support for OS X 10.9 (Mavericks), see Known Issues in Release Notes.
– Enhanced LRA support (Local RA).
– New CSP signature procedure from Microsoft, see Known Issues in Release Notes regarding Windows XP and Windows Server 2003.
– Support for info label names that have too many characters to be supported by PKCS#11.
– Ended support for automatic installation of PKCS#11 module in Firefox on OS X for security reasons, see Known Limitations in Release Notes.
For further questions please contact us via our support site https://support.secmaker.com.