CyberArk: Connect With Trusted RDP Files
SIA can now digitally sign RDP files with your organization’s own certificate, eliminating the “Unknown Publisher” security warnings that previously created friction and eroded user trust during vaulted, ZSP, and JIT RDP sessions. This means end users get a seamless, warning-free connection experience with confidence that RDP launches genuinely originate from a trusted source.
CyberArk-Security-Bulletin-CA26-07
CyberArk customers should review the most recent security patch (released on 4th Feb) for applicability in their environments.
CA26-07 involves a High severity vulnerability that affects Credential Providers (CP), version 14.2 and all its patches prior 14.2.5.
https://community.cyberark.com/s/article/CyberArk-Security-Bulletin-CA26-07
Note: CCP and ASCP are not impacted by this vulnerability.
CA26-02 & CA26-03: High Severity Vulnerabilities in Central Password Management
CyberArk has disclosed high severity vulnerabilities affecting Central Password Management in both self-hosted deployments (versions prior to 14.6.3) and Privilege Cloud environments (versions prior to 14.8). Customers should review the security bulletins (CA26-02, CA26-03) to understand their exposure and apply the recommended fixes as soon as possible.
SIA: Support for named instance connections in vaulted SQL Server targets
Secure Infrastructure Access (SIA) now supports connecting to specific SQL Server named instances by specifying the port and instance name when using vaulted credentials. Since enterprises commonly run multiple SQL instances on a single host, this closes a gap that previously made SIA impractical for complex database environments.
