The Hacker News reports that ongoing security issues have prompted ConnectWise to schedule a rotation of digital code signing certificates for ScreenConnect, ConnectWise Remote Monitoring and Management, and ConnectWise Automate executables.
ConnectWise, which will revoke the certificates on Friday evening, said that the security concerns stem from ScreenConnect's configuration data storage within an unsigned area of the installer, which could result in an "insecure design pattern" if used alongside a remote control solution. Organizations using on-premises ScreenConnect or Automate instances have been advised to implement updates to prevent potential interruptions. "We had already planned enhancements to certificate management and product hardening, but these efforts are now being implemented on an accelerated timeline. We understand this may create challenges and are committed to supporting you through the transition," said ConnectWise. Such a development comes after attacks involving the ScreenConnect flaw, tracked as CVE-2025-3935, were reported to have been launched by a suspected state-backed threat operation.
ConnectWise, which will revoke the certificates on Friday evening, said that the security concerns stem from ScreenConnect's configuration data storage within an unsigned area of the installer, which could result in an "insecure design pattern" if used alongside a remote control solution. Organizations using on-premises ScreenConnect or Automate instances have been advised to implement updates to prevent potential interruptions. "We had already planned enhancements to certificate management and product hardening, but these efforts are now being implemented on an accelerated timeline. We understand this may create challenges and are committed to supporting you through the transition," said ConnectWise. Such a development comes after attacks involving the ScreenConnect flaw, tracked as CVE-2025-3935, were reported to have been launched by a suspected state-backed threat operation.
