<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><div><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif">HCL Software is pleased to announce the availability of BigFix Remote Control version 10.1 FP3</font></span></p><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif"><u></u> </font></span></p><div><p class="MsoNormal"><span style="background-color:transparent;color:rgb(0,0,0);font-weight:700;text-indent:36pt"><font face="arial, sans-serif">**Fixed vulnerabilities** </font></span></p><p class="MsoNormal">HCL BigFix Remote Control version 10.1.0 FP2 and before are affected by the following security vulnerabilities: <span style="background-color:transparent;color:rgb(0,0,0);font-weight:700;text-indent:36pt"><font face="arial, sans-serif"></font></span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font face="arial, sans-serif"><span style="background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"><font color="#000000"><span style="white-space-collapse: preserve;">- CVE-2025-31965: Standard users could view some Admin pages into the Server.
</span></font></span></font> Affected components: Remote Control Server.</p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font face="arial, sans-serif"><span style="color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">- CVE-2024-13176: Timing side-channel in ECDSA signature computation (OpenSSL).
</span></font>Affected components: Remote Control Target, Remote Control Broker, Remote Control Gateway.</p><p class="MsoNormal"><br></p><p class="MsoNormal"><b>**Important Notice: AES 256 cryptographic algorithm enabled by default**</b></p><p>With the new version of IBM WAS Liberty, AES 256 is now the default cryptographic algorithm, replacing AES 128 for stronger security. <br>To ensure seamless operation and leverage this enhanced encryption, we highly recommend you regenerate your SAML Metadata.<br>If FIPS is enabled, this step is mandatory. You must regenerate your SAML Metadata to encrypt passwords with AES 256, as AES 128 encrypted passwords are no longer supported.<br>You can regenerate the SAML Metadata during the Remote Control Server upgrade procedure by selecting the appropriate flag. After regenerating the metadata, please remember to re-register with your Identity Provider.</p><p class="MsoNormal"><br></p></div><p class="MsoNormal"><font face="arial, sans-serif"> <b>**Resolved Defect Articles:**</b></font></p><p class="MsoNormal"><font face="arial, sans-serif"><span style="background-color:transparent"><b>- </b></span><span style="background-color:transparent;color:rgb(0,0,0)">KB0119265: Remote control access shows a gray screen when connecting</span></font></p><p class="MsoNormal"><span style="background-color:transparent;color:rgb(0,0,0)"><font face="arial, sans-serif">- KB0119643: Broker crash issue</font></span></p><p class="MsoNormal"><span style="background-color:transparent;color:rgb(0,0,0)"><font face="arial, sans-serif">- KB0121115: Self-signed error for Root certificate with Reverse Proxy enabled on the Broker</font></span></p><p class="MsoNormal"><span style="background-color:transparent;color:rgb(0,0,0)"><font face="arial, sans-serif">- KB0120278: Login disclaimer of the RC Server allows to bypass</font></span></p><p class="MsoNormal"><font face="arial, sans-serif"><span style="background-color:transparent;color:rgb(0,0,0)">- KB0122763: Increased CPU usage of the RC Server with duplicate</span><span style="background-color:transparent;color:rgb(0,0,0)"> GUIDs of Unattended Targets</span></font></p></div><div><p class="MsoNormal"><font face="arial, sans-serif"> </font></p><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif"><b>**Published site version:**</b><u></u><u></u></font></span></p><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif">Remote Control, site version<font color="#000000"> 80</font> (Build Number 10.1.0.0326)<u></u><u></u></font></span></p><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif"><u></u> <u></u></font></span></p><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif">With kind regards,<u></u><u></u></font></span></p><p class="MsoNormal"><span lang="EN-US"><font face="arial, sans-serif"> The BigFix Remote Control Team</font></span></p></div></div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><p class="MsoNormal"><br><br></p>
</div></div></div></div>
</div>
</div>
</div>