Critical Notices
The following urgent notices relate to mandatory upgrades and important changes within the RSA environment. Immediate action is required to prevent potential service disruptions.
Mandatory Upgrade Required by October 6, 2025
Following Google's decision to stop recognizing Entrust as a trusted Certificate Authority (CA), RSA must transition to an alternative CA beginning the week of October 06, 2025. To ensure continued functionality, you must update or upgrade the necessary on-premises RSA components prior to this date. Failure to complete the required updates may result in significant service disruptions.
For more information on upgrading components, please refer to the latest published advisory: REMINDER: 1 WEEK LEFT TO COMPLETE UPGRADE WHEN USING RSA CAS AND AVOID SERVICE DISRUPTION.
Use of Company-Specific URLs Required
As a follow-up to the November 2024 Release Announcement, non-company-specific URLs will soon be removed. Please update the affected service URLs immediately. For more information, see transition guide here: Company-Specific Administrative URLs Update Instructions. Administrators must use their designated company-specific URLs for all access, including API interactions, AM configurations, SCIM configurations, or redirected URLs from identity providers (IdPs). The access through the non-company specific URL is not yet blocked. It will be blocked potentially resulting in a loss of functionality (for example, https://access.securid.com or https://na2.access.securid.com ). To ensure uninterrupted access, administrators should promptly verify that all connectivity is routed through the appropriate company-specific URLs and update their configurations as needed. If your Identity Router (IDR) software version is earlier than 12.22.0.0.32, you must upgrade your IDR to 12.22.0.0.32 or later to avoid any disruptions when non-company-specific URLs are deprecated.
Starting with the June release, a banner warning appears for 24 hours whenever a non-company-specific URL is used for the following:
- Logging in to the Cloud Administration Console via password or third-party IdP.
- Accessing the Cloud Administration REST APIs.
In addition, an audit event is logged once per day whenever a non-company-specific URL is used for third-party IdP login and Cloud Administration REST API. You can view this event in the Cloud Administration Console > Platform > Admin Event Viewer.
Identity Router (IDR) 12.23.0.0.11 Now Available
The IDR 12.23.0.0.11 release is now available. We recommend that all customers upgrade to this version.
This release includes:
-
Fixed the issue affecting the IDR SSH login feature, which is used by RSA Support for troubleshooting purposes.
Note: This issue did not impact the core functionality of the Identity Router (IDR).
-
Fixed multiple security vulnerabilities.
Customers can wait for the scheduled upgrade or choose to upgrade on their own discretion.
Identity Router Update Schedule and Versions
Identity routers will be updated according to the following schedule. Downloading the new identity router image when you deploy new identity routers ensures that you benefit from the latest security improvements.
| Date | Description |
|---|---|
|
EU/ ANZ/ JP/ CA/ GS: September 2, 2025 US/ FedRamp Gov/ IN: September 3, 2025 | Updated identity router software is available to all customers. |
| Default: Saturday, October 25, 2025 | Default date when identity routers are scheduled to automatically update to the new version unless you modify the update schedule or update manually. |
| Last: Saturday, November 15, 2025 |
If you postponed the default date, this is the last day when updates can be performed. |
Cloud Access Service Updates
Updated Subprocessor List
The list of subprocessors used by RSA has been updated to reflect the latest changes. For more information, see RSA Subprocessor Information.
New Column in Hardware OTP Credential Information Report: Last Successful Authentication
The Hardware OTP Credential Information report now includes a new column, Last Successful Authentication. This column shows the last time a hardware OTP credential is used for authentication. The update helps you track credential usage, strengthen security by identifying inactive credentials, and simplify audit readiness.
To generate the report, go to Users > Reports > Hardware OTP Credential Information > Generate.
New Controls for Online Emergency Access Code Duration Settings
Super Administrators can now manage Online Emergency Access Code duration settings at the account level. Super Administrators can allow administrators to override these settings or lock them to prevent changes. These controls give Super Administrators greater flexibility, strengthen security, and ensure consistent policy enforcement across your organization.
To configure this feature, go to Cloud Administration Console > My Account > Company Settings > Sessions & Authentication > Emergency Access Codes.
If Lock Online Emergency Access Code settings is disabled, administrators can manage online Emergency Access Code duration in the Cloud Administration Console > Users > Management > Emergency Access Code.
Enhanced Network Zone Configuration for Identity Router (IDR) Clusters
We have enhanced network zone management so you not only have the option to apply restricted networks from the IDR Network Zone across all IDRs, but you can also configure network zones for individual IDR clusters. This enhancement gives you more granular control, improves security, and provides greater flexibility so you can choose the approach that best fits your needs.
To access this feature, navigate to Cloud Administration Console > Platform > Clusters, then edit an existing cluster or add a new one, and go to the Network Zones section.
Upcoming End of Primary Support (EOPS) Details
The following table provides details of the RSA products reaching the end of support within the next six months:
| Product | Version | EOPS Date | Extended Support Level 1/Level 2 |
|---|---|---|---|
| MFA Agent for Microsoft Windows | 2.3 | October 2025 | No |
Subscribe to status.securid.com for the Cloud Access Service Status Updates
For information about all service incidents and scheduled maintenance windows for the Cloud Authentication Service, subscribe to https://status.securid.com.
Related Articles
RSA July 2025 Release Announcements Number of Views RSA May 2025 Release Announcements Number of Views RSA November 2025 Release Announcements Number of Views RSA January 2025 Release Announcements Number of Views RSA November 2024 Release Announcements Number of Views
Trending Articles
How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026)
