{"id":313294,"date":"2025-07-06T23:55:15","date_gmt":"2025-07-06T21:55:15","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=313294"},"modified":"2025-07-07T02:21:19","modified_gmt":"2025-07-07T00:21:19","slug":"connectwise-screenconnect-zertifikate-werden-zurueckgezogen","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2025\/07\/06\/connectwise-screenconnect-zertifikate-werden-zurueckgezogen\/","title":{"rendered":"ConnectWise Screenconnect: Zertifikate werden zur\u00fcckgezogen (7.7.2025)"},"content":{"rendered":"

\"StopJemand aus der Leserschaft der ConnectWise Screenconnect als Fernwartungssoftware einsetzt? Der Anbieter zieht bei der Fernwartungsl\u00f6sung Screenconnect gerade die die Code-Signing-Zertifikate f\u00fcr die Agenten auf den Clients zur\u00fcck. Was bleibt, wenn man Screenconnect einsetzen will? Man kann entweder eigene kostspielige Code-Signing-Zertifikate erwerben oder zur Cloud-L\u00f6sung des Anbieters wechseln. Ansonsten ist ab dem heutigen Montag (7.7.2025) Schluss mit Fernwartung.<\/p>\n

<\/p>\n

\"\"Das Ganze ist ziemlich an mir vorbei gegangen. Aber Leser Heinz hat mir zum 4. Juni 2025 per Mail kurz informiert (er hatte mich seinerzeit auch \u00fcber die im Beitrag\u00a0ConnectWise aktualisiert Server-Zertifikate, Software vor dem 13. Juni 2025 aktualisieren<\/a> beschriebene Aktualisierung der Server-Zertifikate informiert.<\/p>\n

\"ConnectWise<\/p>\n

Auf reddit.com bin ich auf obigen Thread\u00a0ScreenConnect cert expiring again?<\/a> gesto\u00dfen. Wer Lizenzen hat, sollte zum 1. Juli 2025 ggf. per E-Mail informiert worden sein. Auf reddit.com hat jemand in diesem Thread<\/a> die Mail ver\u00f6ffentlicht – ich habe die Informationen hier am Artikelende angeh\u00e4ngt. Passt nat\u00fcrlich super, da am 4. Juli 2025 in den USA Feiertag war. ConnectWise hat zum 5. Juni 2025 diesen Supportbeitrag<\/a> mit weiteren Details ver\u00f6ffentlicht.<\/p>\n

Heinz merkte dazu an: \"Da Cloud bei Fernwartung f\u00fcr uns ein absolutes NoGo ist wechseln wir dieses Wochenende im \u201eHauruck\" Verfahren zu Tactical Remote Management<\/a>. Die haben bei Connectwise den Vertrag gek\u00fcndigt. Laut Leser kocht diese gesamte Geschichte im reddit- und im screenconnect-Forum von Connectwise hoch. Die Ma\u00dfnahme ist m\u00f6glicherweise das Ergebnis eines Cyberangriffs (siehe ConnectWise ScreenConnect-Server durch LockBit angegriffen<\/a>).<\/p>\n

\u00c4hnliche Artikel:<\/strong>
\nKritische Schwachstelle in ConnectWise-Remote-Software ScreenConnect (Feb. 2024)<\/a>
\nConnectWise ScreenConnect-Server durch LockBit angegriffen<\/a>
\nImportant Security Update f\u00fcr Connect Wise ScreenConnect bis v25.2.3<\/a>
\nConnectWise aktualisiert Server-Zertifikate, Software vor dem 13. Juni 2025 aktualisieren<\/a><\/p>\n

\n
\n
\n

Update: \"Certificate Changes for ScreenConnect On-Prem.\"<\/h2>\n
[Email received July 1, 2025 UTC 03:00.<\/a>]<\/span><\/div>\n<\/div>\n<\/div>\n
\n
\n
\n

Dear Partner,<\/p>\n

As part of our commitment to platform trust and product integrity, we're making important changes to how digital certificates are handled for ScreenConnect on-premises deployments.<\/p>\n

What's Changing and Why<\/strong>
\nTo facilitate the personalization of the install package, we have historically allowed partners to make changes to certain parameters of the ScreenConnect install. These same capabilities were flagged by a researcher as a potential for misuse, and the current certificate will stop working on\u00a0Monday, July 7, 2025, at 12:00 p.m. ET (16:00 UTC)<\/strong>.<\/p>\n

To prevent further possibilities of misuse by threat actors, we have taken two steps:<\/p>\n

    \n
  1. We have removed any personalization capability from the install packages. This prevents threat actors from using these features for malicious purposes.<\/li>\n
  2. To further protect the validity of the installer, we are no longer signing the installer for the on-premises versions of ScreenConnect with the common certificate from ConnectWise. We are asking each on-premises partner who wishes to stay with their own hosted instance of ScreenConnect to sign the installer with their own certificate. Not only does this provide a higher level of security and assurance for each partner, but it also ensures that install packages are not reused outside your organization.<\/li>\n<\/ol>\n

    What You Need to Do<\/strong>
    \nBeginning with the next ScreenConnect build (available July 1), all on-premises partners will be required to provide a\u00a0publicly trusted certificate<\/strong>\u00a0to sign guest clients. The product will no longer ship with pre-signed clients. The release also includes one-click installation improvements to streamline the guest experience when joining a Support session.<\/p>\n

    You may obtain a certificate from a public certificate authority (CA) of your choice. Guidance on how to apply your certificate and complete the signing process will be provided with the release.<\/p>\n

    Please note that clients that are not properly signed with a trusted certificate may be flagged by endpoint protection software and could cause installation issues.<\/p>\n

    Optional: Move to Cloud<\/strong>
    \nIf managing certificates on-premises is not ideal for your environment, you may migrate to ScreenConnect Cloud, where ConnectWise signs client binaries on your behalf. A promotional offer to support this transition will be available shortly.<\/p>\n

    Support<\/strong>
    \nLive Support Chat is available for technical assistance for active maintenance subscribers. If you have questions or concerns, please contact our support team via\u00a0    live support chat<\/a>. You can also join our Partner Town Hall on Wednesday, July 2, at 12:00 p.m. ET (16:00 UTC) to review these changes and ask questions.\u00a0Register here<\/a>.<\/p>\n

    The landscape for remote access software has changed. As threat actors adopt more sophisticated techniques, maintaining trust requires stronger, more transparent security standards. These changes reflect our commitment to helping partners stay protected and ahead of evolving risks.<\/p>\n

    As always, we appreciate your continued partnership.<\/p>\n

    Sincerely,
    \nConnectWise<\/p>\n<\/div>\n<\/div>\n<\/div>\n

     <\/p>\n","protected":false},"excerpt":{"rendered":"

    Jemand aus der Leserschaft der ConnectWise Screenconnect als Fernwartungssoftware einsetzt? Der Anbieter zieht bei der Fernwartungsl\u00f6sung Screenconnect gerade die die Code-Signing-Zertifikate f\u00fcr die Agenten auf den Clients zur\u00fcck. Was bleibt, wenn man Screenconnect einsetzen will? Man kann entweder eigene kostspielige … Weiterlesen →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,7459],"tags":[4328,3836],"class_list":["post-313294","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-software","tag-sicherheit","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/313294","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=313294"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/313294\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=313294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=313294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=313294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}