ConnectWise is warning customers that it is rotating the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise RMM executables over security concerns.
Digital certificates are used to sign executables so those downloading the files know they come from a trusted source. This ensures that code has not been tampered with before it reaches the end user.
According to ConnectWise, the decision was taken after a third-party security researcher raised concerns about how certain configuration data can be abused by threat actors.
"We are updating the digital signing certificates used in ConnectWise ScreenConnect, Automate, and RMM due to concerns raised by a third-party researcher about how ScreenConnect could potentially be misused by a bad actor," reads an email seen by BleepingComputer.
"This potential misuse relates to a configuration handling issue with the ScreenConnect installer which would require system-level access."
ConnectWise underlines that the action is unrelated to any security incidents, specifically not the nation-state cyberattack it suffered last month.
"In addition to issuing new certificates, we are releasing an update to improve how this configuration data is managed in ScreenConnect," further explains an advisory on its website.
The certificates in question are issued by DigiCert, who initially were going to revoke ConnectWise's certificates on Tuesday, June 10 at 10:00 PM ET. However, ConnectWise was able to get an extension to Friday, June 13, 2025, at 8:00 PM ET, likely because the new ScreenConnect version 25.4 build that utilizes the new certificates was not available.
The action will affect both on-premises and cloud users, who must meet the deadline to avoid operational disruptions.
ConnectWise says the Automate build is already out, while the ScreenConnect build should be ready soon.
... continue reading