PingID integration for Windows login 2.8.3 (June 21, 2022) - PingID

PingID Administration Guide

Page created: 21 Jun 2022 |
Page updated: 22 Aug 2022

Authentication request despite Recent Authentication rule in policy

FixedSTAGING-15722

In version 2.8, when Windows login was integrated with PingID directly (not through PingFederate), there were situations where users would be asked to authenticate even though the defined Recent Authentication rule in the authentication policy should have prevented an authentication prompt.

Windows login verifies PingID properties file

FixedPIM-3134

Beginning with version 2.8, you must use the restricted-permissions properties file that is generated when you click the Generate button in the Integrate with Windows and Mac login section. You can no longer use the properties file that is generated when you click the Generate button in the Integrate with PingFederate and other clients section. This resolves issues related to CVE-2022-23717.

Removed Windows login local privilege escalation

FixedPIM-2897

Windows Login local privilege escalation to System account is now removed. This resolves issues related to CVE-2022-23719.

Additions to the Authentication Browser

FixedPIM-2898

Offline HTML and JS files are now added to the Authentication Browser (similar to these employed by Authenticator Browser for Online login flow) . This resolves issues related to CVE-2022-23717.

Chromium upgrade

FixedPID-9964
Chromium is now upgraded in Windows Login. This resolves issues related to CVE-2022-23718.

Restricted access to the properties file in the registry

FixedPID-3315
Fixed an issue related to restricting access to the properties file in the registry. This resolves issues related to CVE-2022-23725.