ESET researchers discovered a new vulnerability, CVE-2024-7344, that allows actors to bypass UEFI Secure Boot on the majority of UEFI-based systems.
Exploitation of this vulnerability allows execution of untrusted code during system boot, enabling deployment of malicious UEFI bootkits.
The issue was fixed by affected vendors; the vulnerable binaries were revoked by Microsoft in the January 14, 2025, Patch Tuesday update.
BRATISLAVA, Slovakia — January 16, 2025 — ESET researchers have discovered a vulnerability, affecting the majority of UEFI-based systems, that allows actors to bypass UEFI Secure Boot. This vulnerability, assigned CVE-2024-7344, was found in a UEFI application signed by Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party UEFI certificate. Exploitation of this vulnerability can lead to the execution of untrusted code during system boot, enabling potential attackers to easily deploy malicious UEFI bootkits (such as Bootkitty or BlackLotus) even on systems with UEFI Secure Boot enabled, regardless of the operating system installed.
ESET reported the findings to the CERT Coordination Center (CERT/CC) in June 2024, which successfully contacted the affected vendors. The issue has now been fixed in affected products, and the old, vulnerable binaries were revoked by Microsoft in the January 14, 2025, Patch Tuesday update.
The affected UEFI application is part of several real-time system recovery software suites developed by Howyar Technologies Inc., Greenware Technologies, Radix Technologies Ltd., SANFONG Inc., Wasay Software Technology Inc., Computer Education System Inc., and Signal Computer GmbH.
“The number of UEFI vulnerabilities discovered in recent years and the failures in patching them or revoking vulnerable binaries within a reasonable time window shows that even such an essential feature as UEFI Secure Boot should not be considered an impenetrable barrier,” says ESET researcher Martin Smolár, who discovered the vulnerability. “However, what concerns us the most with respect to the vulnerability is not the time it took to fix and revoke the binary, which was quite good compared to similar cases, but the fact that this isn’t the first time that such an obviously unsafe signed UEFI binary has been discovered. This raises questions of how common the use of such unsafe techniques is among third-party UEFI software vendors, and how many other similar obscure, but signed, bootloaders there might be out there.”
Exploitation of this vulnerability is not limited to systems with the affected recovery software installed, as attackers can bring their own copy of the vulnerable binary to any UEFI system with the Microsoft third-party UEFI certificate enrolled. Also, elevated privileges are required to deploy the vulnerable and malicious files to the EFI system partition (local administrator on Windows; root on Linux). The vulnerability is caused by the use of a custom PE loader instead of using the standard and secure UEFI functions LoadImage and StartImage. All UEFI systems with Microsoft third-party UEFI signing enabled are affected (Windows 11 Secured-core PCs should have this option disabled by default).
The vulnerability can be mitigated by applying the latest UEFI revocations from Microsoft. Windows systems should be updated automatically. Microsoft’s advisory for the CVE-2024-7344 vulnerability can be found here. For Linux systems, updates should be available through the Linux Vendor Firmware Service.
For a more detailed analysis and technical breakdown of the UEFI vulnerability, check out the latest ESET Research blogpost “Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344” on WeLiveSecurity.com. Make sure to follow ESET Research on Twitter (today known as X) for the latest news from ESET Research.
About ESET For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
The gap between identifying vulnerabilities and applying patches continues to be a major bottleneck for organizations. In December 2024, the U.S. Treasury Department reported a breach attributed to a Chinese state-sponsored actor, who exploited two known vulnerabilities in BeyondTrust’s remote tech support software to gain unauthorized access[1].
Understanding the meaning of vulnerability and patch management
This incident makes us realize the importance of robust vulnerability and patch management strategies, especially now that we are entering the Year 2025. Both processes play crucial roles in securing IT systems, yet they serve distinct purposes and operate in tandem to safeguard organizational assets.
Let’s explore the fundamentals of vulnerability and patch management, their lifecycles, and how they complement each other to form the backbone of modern cybersecurity strategies. Read On-
Vulnerability vs. patch management: Understanding the basics
The first and most important thing to understand is that patch management is a process that comes within the broader scope of vulnerability management.
Vulnerability management is the process of identifying, assessing, categorizing, prioritizing, mitigating, and finally remediating vulnerabilities from an IT infrastructure. The aim here is to eliminate the security flaws, glitches, or weaknesses found in the system, which an attacker could exploit.
Conversely, patch management is the process of managing the action of patching the vulnerabilities. It identifies, prioritizes, tests, and deploys the patch to an operating system. Patching ensures that the devices run on the latest OS and app versions, addressing any kind of bug or vulnerability.
According to Jason Firch (CEO, PurpleSec), organizations can have vulnerability management without patch management, but they can’t have patch management without vulnerability management. One is dependent on the other[2].
Learning the mechanics of vulnerability and patch management
To understand how vulnerability and patch management work we will need to understand their lifecycles.
Patch management lifecycle
1. Build an inventory of production systems such as IP addresses, OS, and applications.
2. Scan the system for missing patches.
3. Create the patching policies according to your organizational needs.
4. Prioritize patches based on their severity.
5. Stage and test patches in a controlled environment.
6. Deploy patches to required devices, servers, and operating systems.
7. Verify patch deployment to ensure that they are not only installed but also working as intended.
8. Create patch reports under the company’s IT security policies and procedures documentation.
Vulnerability management lifecycle
1. Find and identify vulnerabilities that require patching.
2. Assess vulnerabilities and their levels of risk to the organization.
3. Prioritize vulnerabilities by identifying which ones to patch first for a relevant impact on your organization.
4. Apply a patch to remediate the vulnerability.
5. Review and assess the patched vulnerabilities.
6. Continue monitoring and reporting vulnerabilities for a better patching process.
The interplay between patch and vulnerability management
Patch management and vulnerability management are complementary processes that form the cornerstone of an organization’s cybersecurity strategy.
While vulnerability management sets the stage by highlighting security gaps that need to be addressed, patch management complements vulnerability management by addressing the identified security flaws.
Patch management reduces the attack surface and reinforces the security framework by systematically addressing vulnerabilities. The synergy between vulnerability and patch management lies in their shared objective of minimizing risk.
Feedback loop: Vulnerability assessments inform patch management teams about critical vulnerabilities that require immediate action. Post-patch deployment, vulnerability scans confirm whether the issues have been resolved.
Prioritization alignment: Vulnerability management helps prioritize which patches to apply first based on the risk level, ensuring high-risk vulnerabilities are addressed promptly.
Proactive defense: Continuous monitoring by vulnerability management ensures that emerging threats are detected, while patch management provides the means to neutralize them effectively.
Patch vs vulnerability management: The odds and evens
Effective cybersecurity strategies hinge on patch and vulnerability management, as these processes address critical aspects of IT security. While they share similar goals—reducing risks and maintaining system integrity—they follow distinct methodologies and scopes.
Similarities
a. Focus on reducing risks
Both patch management and vulnerability management aim to minimize security risks by addressing potential threats. Patch management achieves this by applying software updates, while vulnerability management identifies and mitigates weaknesses in the system infrastructure.
b. Lifecycle phases
Both processes share similar lifecycle stages, such as identification, prioritization, remediation, and validation. These stages ensure vulnerabilities and patches are systematically addressed to enhance security.
c. Dependency on accurate assessment
Accurate assessment is critical for both processes. Patch management relies on understanding software versions and available updates, whereas vulnerability management depends on thorough scans to detect potential weaknesses.
Key Differences
Aspect
Patch management
Vulnerability management
Scope
Addresses software and application updates.
Covers weaknesses in networks, hardware, and software.
Approach
Reactive: Fixes known issues.
Proactive: Finds and assesses potential risks.
Tools
Patch deployment tools, and automated update systems.
Scanners, penetration testing, and risk analysis tools.
Outcome
Measured by patches applied and compliance.
Focuses on risk reduction and improved security posture.
Integration
IT asset and change management processes.
Risk management, compliance, and incident response.
a. Scope of management
Patch management: Focuses specifically on deploying updates to software and applications, addressing known vulnerabilities by fixing bugs or enhancing features.
Vulnerability management: Takes a broader approach, identifying, analyzing, and mitigating weaknesses across the entire IT environment, including network configurations, hardware, and software.
b. Proactive vs. reactive
Patch management: Often reactive, as it addresses vulnerabilities already identified and fixed by software vendors.
Vulnerability management: Proactive, involving continuous scanning and monitoring to uncover vulnerabilities that may not yet have a patch available.
c. Tools and techniques
Patch management: Relies on patch deployment tools and update management systems to automate and schedule updates.
Vulnerability management: Uses vulnerability scanners, penetration testing, and risk analysis tools to identify and assess system weaknesses.
d. Outcome and metrics
Patch Management: Success is measured by the number of systems patched and compliance with update schedules.
Vulnerability Management: Metrics focus on risk reduction, such as the number of vulnerabilities mitigated and the overall security posture improvement.
e. Integration with other processes
Patch management: Primarily integrates with IT asset management and change management processes.
Vulnerability management: Aligns more broadly with risk management, compliance, and incident response plans.
Best practices for implementing patch and vulnerability management
Effective patch and vulnerability management is essential to maintaining a strong security posture and protecting against emerging cyber threats. By adhering to best practices, organizations can reduce the risk of security breaches, improve system performance, and ensure compliance with regulatory standards. Following are some key best practices for implementing a patch and vulnerability management program:
1. Establish a comprehensive inventory
Begin by creating and maintaining an up-to-date inventory of all hardware and software assets. This includes operating systems, applications, and network devices. Knowing what needs to be patched or updated is the first step in managing vulnerabilities effectively. Regularly audit and update the inventory to ensure you aren’t missing any critical systems.
2. Prioritize patches based on risk
Not all vulnerabilities are created equal. Some may pose a more immediate threat to your organization than others. Prioritize patches based on risk levels, considering factors such as the severity of the vulnerability, the criticality of the system, and any known exploits. A risk-based approach ensures that you address the most critical threats first, minimizing potential damage.
3. Automate patch deployment
Manual patching can be time-consuming and error-prone. Automated patching allows for faster, more consistent updates across your environment. With automated solutions, patches can be tested, approved, and deployed to all systems efficiently, reducing the likelihood of human error and ensuring timely updates.
4. Test patches before deployment
While automation helps streamline the process, it’s crucial to test patches in a controlled environment before deploying them across your production systems. Testing patches ensure they don’t disrupt business operations or introduce new issues. A test environment will help identify any compatibility or performance issues, so you can address them before widespread implementation.
5. Maintain a patch management schedule
Consistency is key when managing patches. Implement a regular patch management schedule that includes daily, weekly, or monthly checks for new patches. Having a routine process in place ensures that patches are applied promptly and helps organizations stay on top of new security vulnerabilities as they emerge.
6. Monitor and report vulnerabilities
Regularly monitor for new vulnerabilities and threats affecting your systems. Implement vulnerability scanning tools to identify potential weaknesses and gaps in your security posture. Once a vulnerability is discovered, generate detailed reports to help track remediation efforts and assess the effectiveness of your patching strategy.
7. Establish incident response protocols
Even with a solid patch management strategy, incidents can still occur. Ensure that you have clear and well-documented incident response protocols in place. This should include steps to take if a vulnerability is exploited, such as isolating affected systems, analyzing the breach, and applying emergency patches if necessary.
Ensure consistent protection with Scalefusion’s automated patch management
If you want to upgrade to an advanced patch management solution for your Windows devices and third-party applications, look no further. With Scalefusion UEM’s automated patch management, you can schedule, delay, automate, and deploy patches on your device, keeping them updated and protected from vulnerabilities at all times.
About Scalefusion Scalefusion’s company DNA is built on the foundation of providing world-class customer service and making endpoint management simple and effortless for businesses globally. We prioritize the needs and feedback of our customers, making sure that they are at the forefront of all decision-making processes. We are dedicated to providing comprehensive customer support services, and place emphasis on customer-centric thinking throughout the organization.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
On January 8th, 2025, Ivanti disclosed vulnerabilities in their Ivanti Connect Secure, Ivanti Policy Secure, and Neurons for ZTA products.
CVE-2025-0282 – is rated critical with a CVSS score of 9.0. Successful exploitation of this vulnerability would allow a remote unauthenticated attacker to execute arbitrary code on the vulnerable system.
CVE-2025-0283 – is rated high with a CVSS score of 7.0. Successful exploitation of this vulnerability would allow a local authenticated attacker to execute arbitrary code on the vulnerable system.
Note that the vendor has indicated that there is evidence that these vulnerabilities are being exploited in the wild.
What is the impact?
Successful exploitation of these vulnerabilities would allow an attacker to execute arbitrary code, potentially leading to complete system compromise.
Are updates or workarounds available?
Ivanti has released updates to address these vulnerabilities. Users are urged to update all systems as quickly as possible.
How to find potentially vulnerable systems with runZero
From the Service Inventory, use the following query to locate systems running potentially vulnerable software:
product:"Policy Secure" OR product:"Connect Secure"
December 2024 (Multiple CVEs)
On December 10th, 2024, Ivanti disclosed vulnerabilities in their Ivanti Connect Secure and Ivanti Policy Secure products.
CVE-2024-11633 and CVE-2024-11634 are rated critical with CVSS scores of 9.1. Successful exploitation of these vulnerabilities would allow an authenticated attacker to execute arbitrary code on the affected system.
CVE-2024-37401 and CVE-2024-37377 are rated high with a CVSS score of 7.5 and could allow a remote, unauthenticated attacker to create a denial-of-service condition on vulnerable systems.
CVE-2024-9844 is rated high with a CVSS score of 7.1 and could allow a remote, authenticated attacker to bypass application restrictions.
What is the impact?
Successful exploitation of these vulnerabilities would allow an attacker to execute arbitrary code, read potentially sensitive resources, or create a denial-of-service (DoS) condition on affected devices.
Are updates or workarounds available?
Ivanti has released patches to address these vulnerabilities, and all users are urged to update as quickly as possible.
How to find potentially vulnerable systems with runZero
From the Service Inventory, use the following query to locate systems running potentially vulnerable software:
product:"Policy Secure" OR product:"Connect Secure"
April 2024 (Multiple CVEs)
On April 2, 2024, Ivanti disclosed multiple vulnerabilities in their Ivanti Connect Secure and Ivanti Policy Secure products.
CVE-2024-21894 is rated high with CVSS score of 8.2 and allows an unauthenticated attacker to potentially execute arbitrary code on the affected system.
CVE-2024-22052 is rated high with CVSS score of 7.5 and allows an unauthenticated attacker to create a denial-of-service (DoS) condition on affected systems.
CVE-2024-22053 is rated high with a CVSS score of 8.2 would allow an unauthenticated attacker to read potentially sensitive memory contents.
CVE-2024-22023 is rated medium with a CVSS score of 5.3 and would allow an unauthenticated attacker to create a denial-of-service (DoS) condition on affected systems.
What is the impact?
Successful exploitation of these vulnerabilities would allow an attacker to execute arbitrary code, read potentially sensitive memory, or create a denial-of-service (DoS) condition on affected devices.
Are updates or workarounds available?
Ivanti has released patches to address these vulnerabilities, and all users are urged to update as quickly as possible.
How to find potentially vulnerable systems with runZero
From the Service Inventory, use the following query to locate systems running potentially vulnerable software:
product:"Policy Secure" OR product:"Connect Secure"
Additional fingerprinting research is ongoing, and additional queries will be published as soon as possible.
February 2024 (CVE-2024-22024)
On February 8th, 2024, Ivanti disclosed a serious vulnerability, CVE-2024-22024, which allowed attackers to bypass authentication on the affected device to reach restricted resources. This vulnerability earned a CVSS score of 8.3 out of 10, indicating a high degree of severity.
The vendor reported that there were no indications that this vulnerability had been exploited in the wild.
What was the impact?
Upon successful exploitation of these vulnerabilities, attackers could access restricted resources on the vulnerable system without authentication. The vendor did not specify which resources were reachable without authentication, but did indicate that such resources were restricted.
Ivanti released an update to mitigate the issue (note that the provided link also discusses previous vulnerabilities in the same products). Users were urged to update as quickly as possible.
January 2024 vulnerabilities
On January 10th, 2024, Ivanti disclosed two serious vulnerabilities in the Ivanti Connect Secure and Ivanti Policy Secure products.
The first issue, CVE-2023-46805, allowed attackers to bypass authentication controls to access restricted resources without authentication. This vulnerability earned a CVSS score of 8.2 out of 10, indicating a high degree of impact.
The second issue, CVE-2024-21887, allowed attackers to inject arbitrary commands to be executed on the affected device. Attackers had to be authenticated to exploit this vulnerability, but attackers might have been able to use the authentication bypass vulnerability above to achieve this. This vulnerability had a CVSS score of 9.1 out of 10, indicating a critical vulnerability.
The vendor reported that there were indications that these vulnerabilities had been exploited in the wild.
What was the impact?
Upon successful exploitation of these vulnerabilities, attackers could execute arbitrary commands on the vulnerable system. This included the creation of new users, installation of additional modules or code, and, in general, system compromise.
Ivanti released an update to mitigate this issue. Users were urged to update as quickly as possible.
How to find potentially vulnerable products that expose a web interface
From the Services Inventory, use the following query to locate assets running the vulnerable products in your network that expose a web interface and which may need remediation or mitigation:
_asset.protocol:http AND protocol:http AND http.body:"welcome.cgi?p=logo"
About runZero runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
The rapid proliferation of IoT devices has revolutionized industries, driving innovation and efficiency. However, this surge also introduces significant security challenges that demand attention. Regulatory bodies worldwide are stepping up to address these risks, setting benchmarks for new IoT regulations to improve cybersecurity practices.
In Europe, the Cyber Resilience Act establishes a groundbreaking framework to bolster IoT security. Meanwhile, the UK is taking the lead with stringent security and privacy regulations designed to protect connected devices. Across the Atlantic, the United States is preparing to launch the Cyber Trust Mark, a labeling initiative aimed at helping consumers make informed purchasing decisions based on IoT product security standards.
These evolving IoT regulations highlight the urgent need for manufacturers to prioritize security throughout the product lifecycle. Integrating cybersecurity at every development stage is no longer optional—it’s a critical step for compliance and for mitigating emerging threats. For organizations and manufacturers, staying ahead of these regulatory developments isn’t just about avoiding penalties; it’s an opportunity to lead in safeguarding the future of IoT.
How The European Cyber Resilience Act is Shaping Connected Device Security
Central to the Act is the emphasis on secure-by-design principles, ensuring products are equipped to withstand evolving cybersecurity threats before they reach the market. For organizations operating in Europe, compliance with this Act demands a proactive approach to security, including continuous monitoring and adaptation to emerging risks.
By integrating robust security measures into every stage of development, companies can safeguard consumer data, foster trust, and maintain a competitive advantage in an increasingly regulated IoT market. The Act’s sweeping implications highlight the need for businesses to stay ahead of regulatory shifts and embed comprehensive security frameworks into their operations.
Staying informed and prepared isn’t just about compliance—it’s about shaping a safer, more resilient future for connected technologies.
Key requirements include enforcing unique passwords and transparent security practices, setting a high benchmark for IoT device security globally. This regulatory framework not only protects consumers but also drives innovation among manufacturers, compelling them to integrate advanced security features from the ground up.
As the UK’s approach gains international recognition, it serves as a model for other countries aiming to enhance their cybersecurity posture. The focus on transparency and robust security protocols reflects a commitment to safeguarding consumer data in an increasingly connected world.
IoT Regulation: What the U.S. Cyber Trust Mark Means for IoT Security
The United States is gearing up to launch the Cyber Trust Mark, a groundbreaking certification designed to provide consumers with vital information about the cybersecurity standards of IoT products. This initiative empowers consumers to make informed decisions by evaluating the security measures of the devices they purchase. In turn, it challenges manufacturers to prioritize cybersecurity in their product offerings to meet growing expectations.
As the rollout of the Cyber Trust Mark approaches, IoT device manufacturers face mounting pressure to integrate stringent security protocols throughout their development processes. This shift is crucial not only for building consumer trust but also for maintaining a competitive edge in a fast-evolving market.
Incorporating Regulatory Compliance into Incident Response Strategies
To align incident response strategies with evolving IoT regulations, organizations must adopt proactive measures akin to GDPR readiness initiatives. Firms have spent over €1 million ($1.06 million) to meet GDPR requirements, illustrating the significant investment needed for regulatory compliance. As IoT regulations continue to evolve, effective coordination between security, legal, and operational teams is essential for developing incident response plans that meet these new standards. A collaborative environment where teams share insights and strategies is key to ensuring a comprehensive and well-rounded approach to security.
By leveraging the unique expertise of each department, organizations can design robust incident response protocols that not only achieve regulatory compliance but also strengthen their overall security posture. Regular training and ongoing updates on regulatory changes are critical to keeping all teams aligned and prepared to handle potential security incidents.
A unified and informed approach empowers organizations to respond swiftly and effectively to emerging threats, ensuring compliance with IoT regulation requirements while protecting valuable assets and maintaining consumer trust.
Strengthening Security Protocols for IoT Devices
IoT devices face increasing threats, underscoring the necessity for strengthened security protocols. Botnet-driven distributed denial-of-service (DDoS) attacks, for example, have surged fivefold in the past year, highlighting the need for fortified defenses. Conducting thorough security assessments and code audits is essential to identify vulnerabilities and mitigate risks. The growing IoT security market, valued at $3.35 billion in 2022, is projected to reach $13.36 billion by 2028, reflecting a compounded annual growth rate of 26.36%.
This growth underscores the increasing demand for robust security solutions in the IoT landscape. Adopting a proactive stance through continuous monitoring, automated security improvements, and staying updated on the latest attack vectors is vital. Leveraging advanced threat models and integrating security measures into the design phase can further bolster the resilience of IoT devices.
These strategies are critical for maintaining a secure, trustworthy, and competitive edge in today’s dynamic regulatory environment.
Readying for What Lies Ahead
Navigating the future of IoT security requires a proactive and forward-thinking approach to regulatory compliance and risk management. For cybersecurity leaders, it’s essential to continuously enhance security protocols while fostering a culture of vigilance within their organizations. This involves not only adhering to current IoT regulations but also anticipating future challenges and adapting strategies accordingly.
To thrive in an increasingly interconnected and regulated world, organizations must embrace cross-functional collaboration and invest in ongoing education to ensure their teams are prepared to tackle emerging threats. Emphasizing the implementation of robust security frameworks and committing to continuous improvement will position companies as leaders in IoT security while safeguarding their future success.
About Portnox Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
I’m excited to unveil Parallels Desktop 20.2.0, the third major release in the Parallels Desktop 20 series—all delivered in just four months!
At Parallels, we’re committed to bringing you powerful, user-focused features designed to bring some value to your everyday work and play.
In this update, we’re introducing innovations for every type of user, whether you run Windows apps on your Mac, manage large-scale IT deployments, or dive deep into development and testing.
Let’s take a closer look at what’s new!
New improvements for Pro users (developers, testers, and tech enthusiasts)
A milestone: introducing the early technology preview of x86 emulation
I’m proud to share a significant milestone — starting with Parallels Desktop 20.2.0 you can use x86 emulation on Apple silicon Macs.
Since we first introduced Parallels Desktop 16.5 with support for Apple silicon Macs, the ability to run x86_64 virtual machines has been a limitation.
And today, after months of hard work, we’re releasing this early technology preview for tech enthusiasts who want to explore its potential.
What does this functionality allow you to do?
We listened to your feedback — it’s important to us!
Run existing x86_64 Windows 10, Windows 11*, Windows Server 2019/2022, and some Linux distributives with UEFI BIOS via Parallels Emulator.
Create new Windows 10 21H2 and Windows Server 2022 virtual machines.
* Running x86_64 Windows 11 24H2 virtual machines through x86 emulation isn’t supported currently due to the absence of SSE (Streaming SIMD Extensions) 4.2 support.
Are there any limitations?
Since the functionality is in the early technology preview stage, it has some significant limitations:
Performance is slow—really slow. Windows boot time is about 2-7 minutes, depending on your hardware. Windows operating system responsiveness is also low.
Only 64-bit operating systems are supported. But you can run 32-bit apps. Since there are millions of apps in the world, we couldn’t test all of them. I invite you to give it a try and share your feedback with us.
There is no support for USB devices which means you won’t be able to connect external devices to your VM.
Parallels hypervisor can’t be used. All VMs will be booted via the Apple hypervisor. Nested virtualization is not supported either.
You can find more details about the functionality and its limitations in this article.
Please note that we’ve hidden the option to start a virtual machine in our UI to avoid false expectations for the majority of users who don’t actually need it.
It’s important for us to better understand your workflow and what we can do to enhance the feature for your needs.
Automatically sync time and time zone for macOS VMs on Apple silicon
We’re making it easier to manage macOS virtual machines on Apple silicon Macs with the introduction of automatic time and time zone sync.
Why is this important?
Previously, when creating a new macOS VM on Apple silicon, users had to manually set the time and time zone, adding extra steps to the setup process.
Starting with Parallels Desktop 20.2, this sync happens automatically once you install Parallels Tools.
Significant improvements for IT admins and managers
Hybrid licensing and SSO support for Parallels Desktop Enterprise Edition
We made a promise—and we kept it.
Parallels Desktop Enterprise Edition with the new Management Portal that was recently released, and with it we’re making license management smarter and more flexible.
Organizations that utilize a corporate identity provider (e.g., Microsoft Entra ID, Okta, etc.) can use it to automate license management of Parallels Desktop licenses and enable single sign-on (SSO) capabilities.
IT admins no longer need to manually disable unused licenses.
If an end-user is inactive and doesn’t log in for a month, the license seat is automatically revoked from this user and made available for another user.
The same happens when a user leaves the organization.
The activation process is super simple. Your end users just need to enter their corporate email and voila—the product is activated.
You can also link groups in your identity provider to sublicenses in Parallels My Account to get more visibility over the license keys.
But that’s not everything I wanted to share.
With this update, IT admins and managers have greater flexibility in managing the license keys.
They can allow one group of users to sign in through SSO while enabling other groups to activate Parallels Desktop using a license key.
Simplified deployment: Introducing support for Configuration profiles
How is this support helpful for new deployments?
As of now, you can easily deploy the Parallels Desktop application from the MDM App Catalogs and deliver information about the Parallels Desktop activation experience with the help of configuration profiles.
Configuration profiles can be created right from the iMazing Profile Editor app.
Simply choose how end users will activate—with a license key or via SSO.
Once the profile is created, push it to the end users’ Macs and Parallels Desktop will apply this configuration the next time they start up.
Delivering Parallels Desktop settings can be done through the Parallels Desktop Management Portal (available in Parallels Desktop Enterprise Edition).
The option to deploy the Parallels Desktop application, virtual machines, licensing information, and the settings using the deployment package is still available.
How can it be helpful for existing installations?
In response to the request from IT administrators, the Parallels Team has implemented support for managing the activation experience on managed Macs.
Once the configuration profile is deployed to the target Macs, if an end user tries to activate the Mac using a different key, Parallels Desktop will automatically reactivate with the key defined in the configuration profile.
It will also prompt the user to sign in with SSO based on the selected activation method. As a result, IT admins can ensure the end users get the proper experience and don’t face any challenges with activating Parallels Desktop, even if the product is uninstalled and reinstalled later.
I’m excited to share that Parallels Desktop is the first end-point virtualization solution that offers this kind of functionality.
Improvements for Windows app users
Writing Tools for Windows apps: Enhanced usability
We’ve made it even easier to use Writing Tools powered by Apple Intelligence with your favorite Windows apps. Now you can access them directly from the context menu in:
This integration makes polishing your text smoother than ever, whether you’re editing emails, documents, or presentations.
The 20.2.0 update also includes a range of fixes to enhance the overall stability and reliability of Parallels Desktop.
We’ve addressed key issues reported by users to ensure a smoother and more seamless experience. Learn more here.
About Parallels Parallels® is a global leader in cross-platform solutions, enabling businesses and individuals to access and use the applications and files they need on any device or operating system. Parallels helps customers leverage the best technology available, whether it’s Windows, Linux, macOS, iOS, Android or the cloud.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
