pc micro systems
 


Home
Information
Download
User's Guide
Support
Company Info

What's New in NetModem 4.xx



Version 4.46
(Released April 5, 2021)

  • The OpenSSL encryption library was updated to version 1.1.1k, which was released by the OpenSSL development team on March 25, 2021. This resolves two "High Severity Security Advisories": 1. a vulnerability which only affected OpenSSL versions 1.1.1h-1.1.1j relating to checking that certificates in the chain are valid CA certificates, and 2. An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation TLSv1.2 ClientHello message from a client. For more information see:
    https://www.openssl.org/news/secadv/20210325.txt
    and:
    https://www.openssl.org/news/secadv/20210325.txt

  • The NetModem Client v4.45 Credential Provider had a severe security issue which could comprimise a user's credentials under Windows versions prior to Windows 10, when using the "Use Windows Credentials" option. This has been resolved in version 4.46.

  • NetModem Server has been updated to work around an issue with the Moxa CP-168EL serial extender card driver, which could cause previous versions of NetModem Server to fail to close a Moxa COM port.


Version 4.45
(Released May 1, 2020)

  • The OpenSSL encryption library was updated to version 1.1.1g, which was released by the OpenSSL development team on April 21, 2020. This resolves one "High Severity Security Advisory" vulnerability, which can result in a crash when calling the SSL_check_chain() function and an invalid/unrecognised signature algorithm is received from the peer. For more information see:
    https://www.openssl.org/news/secadv/20200421.txt


Version 4.44
(Released April 8, 2020)

  • Updated the OpenSSL Encryption library to version 1.1.1f, which fixes 3 low-severity issues in previous versions which did not effect NetModem Server or client.

  • Corrected an issue in NetModem Server installer in which the default log folder was not created during the install.

  • Fixed a potential timeout issue in the NetModem Client Configuration while the "Test Server Connection" is run on a slow network.

  • NetModem Client configuration now automatically provides users login (DOMAIN\username) under Windows Vista or and later when connected to a domain, if no existing login entry is defined.

  • Added a secondary domain credential authentication method to NetModem Server, using a PDC emulator which is automatically enabled if the primary DC method fails to respond.


Version 4.43
(Released June 19, 2019)

  • Updated the OpenSSL Encryption library to version 1.1.1c.

  • Fixed an issue in NetModem Server in which the list of "Allowed Numbers to DialOut" were being ignored in previous 4.4x versions.

  • Fixed an issue that prevented the NetModem Client Monitor's Tray Icon from re-appearing after the Windows Explorer process has been stopped/restarted.


Version 4.42
(Released April 24, 2019)

  • This is a minor update to resolve an issue when running under a "Windows Embedded" edition. In previous 4.x versions the NetModem System Tray icon could close\crash when running under Windows Embedded.


Version 4.41
(Released November 27, 2018)

  • The OpenSSL encryption library was updated to version 1.1.1a, which was released by the OpenSSL development team on November 20, 2018. This resolves two "Low Severity Security Advisory" vulnerabilities, one relating to DSA signature generation, the other relating to the ECDSA signature algorithm. For more information see:
    https://www.openssl.org/news/secadv/20181029.txt and
    https://www.openssl.org/news/secadv/20181030.txt

  • Other then adding support for OpenSSL 1.1.1a, NetModem (Cient and Server) version 4.41 use the identical codebase as version 4.34.



Version 4.40 (Released November 9, 2018)

  • The OpenSSL encryption library was updated to the latest 1.1.1 Branch, which was released by the OpenSSL development team on September 11, 2018.

  • The primary new feature is TLSv1.3, a major rewrite of the Transport Layer Security specification. The final draft for v1.3 was released by the IETF on August 28, 2018. TLSv1.3 is faster and more secure then its v1.2 predecessor, and requires new cipher suites designed specifically for TLSv1.3.
    For more information on TLSv1.3 see https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/

    When upgrading from an older version of NetModem Server or NetModem Client version 4.3x configured to use TLSv1.2, The upgrade will automatically enable TLSv1.3 without needing to make any configuration changes. Furthermore both NetModem Server and NetModem Client can be configured to negotiate any of the following protocols with the other endpoint:

    • TLS (any version) or SSLv3
    • TLSv1.3 or TLSv1.2
    • TLSv1.3 Only
    • TLSv1.x (1.0, 1.1, 1.2, or 1.3)
    • SSLv3

    If using encryption, unless your site still has versions of NetModem Client older then version 4.30 we suggest initially selecting "TLSv1.3 or TLSv.12" in NetModem Server's "SSL Encryption" tab. For optimal security, once all clients have been updated to version 4.4x the encryption setting in NetModem Server should then be changed to "TLSv1.3 only".

    TLS version 1.0 and 1.1 are being depreciated by the IETF, which urges the public not to use either one.
    See https://tools.ietf.org/id/draft-moriarty-tls-oldversions-diediedie-00.html
    Likewise, the SSLv3 protocol is depreciated due to serious vulnerabilities and should also be avoided if possible.

    For more info on OpenSSL 1.1.1 see https://www.openssl.org/blog/blog/2018/09/11/release111

  • Other then adding support for OpenSSL 1.1.1, NetModem (Client and Server) version 4.40 use the identical codebase as version 4.34.

Version 4.34 (Released March 31, 2018)

  • Due to a "Moderate Severity Security Advisory" the OpenSSL encryption library was updated to version 1.1.0h, which was released by the OpenSSL development team on March 27, 2018. This resolves two moderate and one low security issues. For more information see https://www.openssl.org/news/secadv/20180327.txt

  • Under Windows 10, NetModem Client no longer offers the "Use Windows Credentials" option in the Authentication pull-down list, due to the current builds of Windows 10 no longer allowing this feature. The "Use Username and Password" option can be used instead.


Note: OpenSSL Security Advisory [07 Dec 2017]
  • This security advisory only effects OpenSSL versions 1.02 and older. NetModem server and client use the latest branch of OpenSSL 1.1.0. and thus are not effected by the issues addressed in this advisory.
    For more information see https://www.openssl.org/news/secadv/20171207.txt


Version 4.33 (Released November 6, 2017)

  • Due to a "Moderate Severity Security Advisory" the OpenSSL encryption library was updated to version 1.1.0g, which was released by the OpenSSL development team on November 2, 2017. This resolves a propagating bug in the x86_64 Montgomery squaring procedure. For more information see https://www.openssl.org/news/secadv/20171102.txt


Version 4.32 (Released February 23, 2017)

  • Due to a "High Severity Security Advisory" the OpenSSL encryption library was updated to version 1.1.0e, which was released by the OpenSSL development team on February 16, 2017. This resolves an issue which could cause OpenSSL to crash during a renegotiation handshake under certain conditions. For more information see https://www.openssl.org/news/secadv/20170216.txt


Version 4.31 (Released February 17, 2017)

  • In the event that NetModem Client's Virtual COM port driver fails to install or load at startup, the driver is reinstalled automaticly using the Microsoft Driver Package Installer.

  • NetModem Server's installer was launching the GUI in minimized mode in version 4.30. Now it's launched in normal mode.

  • NetModem Server's "Pool Properties" dialog is updated.

  • NetModem User's Guide is updated.

Version 4.30 (Released February 1, 2017)

  • The OpenSSL encryption library was updated to version 1.1.0d, which was released by the OpenSSL development team on January 26, 2017. This resolves several security issues in all versions of OpenSSL. For more information see https://www.openssl.org/news/secadv/20170126.txt.

  • With the major update to the 1.1.0 series of OpenSSL, the outdated/insecure cipher suites RC2 and DES have been removed, and the RC4 and 3DES (Triple-DES) cipher suites have been depreciated.
    NetModem now supports the CHACHA20/POLY1305 cipher suite, as well as Camellia, leaving the number of supported cipher suites at 5. Be advised that the depreciated RC4 and 3DES Suites will be removed from OpenSSL in the future.

  • The previous updates to OpenSSL 1.0.2i and 1.0.2j on September 22 and September 26, 2016 resolved security issues which did not effect NetModem Client or Server, and no update was was needed. This is partly due to NetModem disabling OCSP and DTLS features.

  • Enhanced Active Directory support for Windows Server 2016.

  • Upgraded NetModem installers from Installsheild 2011 to 2016, to support Software Identification Tags and additional enhancements.


Version 4.25 (Released July 22, 2016)

  • Additional changes to support high-resolution monitors which use non-symmetrical horizontal/vertical DPI modes.

  • Enhanced NetModem Server's buffering for optimized resource usage.

Version 4.24 (Released July 15, 2016)

  • Added optimizations to the NetModem Client Virtual COM Port driver driver to enhance performance for Fax Class 1 connections.

  • Fixed a bug in the NetModem Client Virtual COM port driver which could cause an IRQL crash when used with the MainPine Fax Service Provider.

  • Updated the Graphic User Interface on both Client and Server to support high-resolution monitors that use non-symmetrical horizontal/vertical DPI modes.

  • Cosmetic enhancements were made to the NetModem Client Configuration's "Test Server Connection".

Version 4.23 (Released April 3, 2016)

  • The OpenSSL encryption library was updated to version 1.0.2h, which was released by the OpenSSL development team on April 3, 2016. This resolves two high security issues in OpenSSL, and four low security issues. For more information see https://www.openssl.org/news/secadv/20160503.txt.

  • The previous update to OpenSSL 1.02g on March 1, 2016 resolved security issues which did not effect NetModem Client or Server, and no update was was needed at that time.

Version 4.22 (Released January 28, 2016)

  • The OpenSSL encryption library was updated to version 1.0.2f, which was released by the OpenSSL development team on January 28, 2016. This resolves two security issues in OpenSSL. The high severity issue does not effect NetModem Server or Client, but the low severity one does. For more information see https://openssl.org/news/secadv/20160128.txt.

Version 4.21 (Released December 3, 2015)

  • The OpenSSL encryption library was updated to version 1.0.2e, which was released by the OpenSSL development team on December 3, 2015. This resolves four security issues in OpenSSL (3 moderate, 1 low). For more information see https://openssl.org/news/secadv/20151203.txt.

Version 4.20 (Released August 11, 2015)

  • Minor bugfixes were applied to resolve hostname/IP logging issues in the 4.1x branch relating to IPv6 implementation.

  • Ipv6 is now enabled by default in the NetModem Client advanced configuration section during a new install.

  • The timing of transmitted data was adjusted in NetModem Client to allow reliable faxing when enabling IPv6.

Version 4.12.1 (Released July 9, 2015)

  • The OpenSSL encryption library was updated to version 1.0.2d, which was released by the OpenSSL development team on July 9, 2015. This resolves a High severaity issue in OpenSSL. For more information see https://openssl.org/news/secadv_20150709.txt.

  • Fixed a bug in the NetModem Client Configuration program which could cause the server connection test to close prematurely.

Version 4.12 (Released June 13, 2015)

  • The OpenSSL encryption library was updated to version 1.0.2c, which was released by the OpenSSL development team on June 11, 2015. (Version 1.02b was released earlier the same day). These new OpenSSL versions are security releases which addresses 6 moderate security issues and one low security issue. For more information see https://openssl.org/news/secadv_20150611.txt.

  • The NetModem Server GUI (Monitor) had a bug in versions 4.10 and 4.11, which could cause GUI to halt when attempting to edit a "blocked phone number" Dialrules list and Windows denies write access to the file due to file permissions. This is now resolved.

Version 4.11 (Released March 20, 2015)

  • SECURITY ADVISORY: The OpenSSL encryption library was updated to version 1.0.2a, which was released by the OpenSSL development team on March 19, 2015. This new OpenSSL version is a security release which addresses 12 security issues including moderate and high severity issues. Users running any previous version of OpenSSL are advised to update to their current branch release. For more information see https://openssl.org/news/secadv_20150319.txt.

Version 4.10 (Released March 11, 2015)

  • NetModem now fully supports IPv6. NetModem Server always accepts both IPv4 and IPv6 incoming connections on the same socket in Windows Vista and later for optimim performance. NetModem Client can be configured to only support IPv4 outbound connections, or to use either IPv4 or IPv6 connections depending on the type of IP address used. IPv6 support can be enabled in NetModem Client under Configuration > Advanced.

  • The ODBC database engine was updated for improved performance.

  • Minor optimizations were made to the NetModem Server GUI.

  • Text based Dialrules and virtual phonebook files are now stored in a separate folder.

  • The OpenSSL encryption library was updated to version 1.0.2, which was released by the OpenSSL development team on January 22, 2015. This new OpenSSL version is a major branch update which includes multiblock performance enhancements on 64 bit platforms, that considerably boosts hardware based AES-NI Encryption on modern CPU's. For more information see https://www.openssl.org/news/openssl-1.0.2-notes.html.

  • NetModem Sever now uses a dynamically sized input buffer, preventing the possibility of a buffer overflow condition.

Version 4.05 (Released January 16, 2015)

  • The OpenSSL encryption library was updated to version 1.0.1l, which was released by the OpenSSL development team on January 15, 2015. This new OpenSSL version is a security and bugfix release which addresses 8 security issues including 2 moderate issues. For more information see https://openssl.org/news/secadv_20150108.txt.

  • While these fixes were originally released in OpenSSL version 1.01k on January 8, 2015, that OpenSSL release was not compatible with Windows platforms due to a new bug introduced at the same time.

Version 4.04 (Released October 16, 2014)

  • The OpenSSL encryption library was updated to version 1.0.1j, which was released by the OpenSSL development team on October 15, 2014. This new OpenSSL version is a security and bugfix release which addresses 4 security issues including 1 High issue - SRTP Memory Leak (CVE-2014-3513). For more information see https://www.openssl.org/news/secadv_20141015.txt.

  • 9 additional bugs in the OpenSSL encryption library were also fixed in the previous OpenSSL 1.0.1i release on August 6, 2014, however none of these issues effect NetModem Server and Client. For more information see https://www.openssl.org/news/secadv_20140806.txt.

Version 4.03 (Released June 10, 2014)

  • The OpenSSL encryption library was updated to version 1.0.1h, which was released by the OpenSSL development team on June 5, 2014. This new OpenSSL version is a security and bugfix release which addresses 7 security issues (inclluding SSL/TLS MITM vulnerability (CVE-2014-0224). For more information see https://www.openssl.org/news/secadv_20140605.txt.

Version 4.02 (Released April 11, 2014)

  • The OpenSSL encryption library was updated to version 1.0.1g, which was released by the OpenSSL development team on April 7, 2014. This OpenSSL update is a security and bugfix release which addresses the "Heartbleed Bug" - a TLS heartbeat read overrun issue (CVE-2014-0160). The Heardbleed bug only effected NetModem Versions 4.00 and 4.01.
    For more information see https://www.openssl.org/news/secadv_20140407.txt.

  • NetModem Server now uses an alternative user authentication method.

  • NetModem Server Monitor has minor GUI enhancements.

Version 4.01 (Released March 25, 2014)

  • Removed all ADSI library code from NetModem Server, as all authentication is done using LDAP.

  • Bug Fix: NetModem Server 4.00 would ignore the "Authenticated Users" group when placed in the allowed list.

  • NetModem Client now has a 64-bit credential provider (4.00 used a 32-bit provider even with the x64 install).

Version 4.10-Pre release 2 (Available by request as of March 25, 2014)

  • Minor performance enhancements to CORBA in NetModem Server.

  • No changes to NetModem Client.

Version 4.00 (Released February 12, 2014)

  • Updated VS development platform no longer allows supporting Windows NT 4.0.

  • The NetModem Server service no longer uses any MFC code for the ODBC interface, allowing it to function in a non-GUI environment such as Windows Server Core.

  • Active Directory is now managed via Lightweight Directory Access Protocol (LDAP) calls instead of using ADSI for improved performance.

  • When selecting Active Directory objects, just groups or users can now be viewed from the available list, and an "Advanced" option is available to use the Microsoft object picker to select allowed users and groups.
  • TLS version 1.1 and 1.2 encryption protocols and ciphers are now supported. OpenSSL has been updated to the 1.01 level (revision I).

  • NetModem Server has an enhanced "allowed phone numbers to dial" list interface.

  • Version 3.x clients are compatible with NetModem Server 4.x, but 4.x clients are needed to support TLS 1.1 and 1.2 encryption.


Version 4.10-Pre release 1 (Available by request as of February 12, 2014)

  • NetModem Server now uses CORBA - The Common Object Request Broker Architecture, for communications between the service and the GUI monitor. CORBA is an open, vendor-independent architecture and infrastructure that computer applications use to work together over networks. This allows remote monitoring and configuration by multiple administrators. Future versions may allow third-party interfaces.

  • No changes to NetModem Client.


See what's new in version 3.xx
See what's new in version 2.xx

 



hot deals on computers
Home | About NetModem | Download | Guide | Support | Company Info

Copyright © 1995 - 2010 pcmicro.com    All rights reserved