Thousands of remote workers are struggling to log in with Pulse Secure VPN due to expired code

0

Thousands of remote workers are struggling to log in with Pulse Secure VPN due to expired code required to digitally authenticate users

  • Pulse Secure is used to allow employees to log in to company websites remotely
  • A report shows that employees will not have access to internal software from Monday
  • The code used to digitally sign and verify software components has expired
  • It seems users have to wait for an update from Pulse on the issue

Users around the world cannot connect to Pulse Secure VPN, a service that provides secure access to remote workers.

Bleep computer found that the problem is due to an expired code used to digitally sign and verify software components, meaning employees cannot access internal work.

A number of companies indicate that their staff will no longer have access to the system from home from Monday.

“Normally they log in to Pulse Secure via the web interface and then select their PC, which is then forwarded via the terminal server service,” reports a customer on the Pulse Secure forums.

Users around the world cannot connect to Pulse Secure VPN, a service that provides secure access to remote workers

Users around the world cannot connect to Pulse Secure VPN, a service that provides secure access to remote workers

Pulse is used by more than 24,000 companies who rely on it to secure access for nearly 25 million endpoints, but Monday’s problem means many are unable to perform day-to-day work.

Bleeping Computer found that the expired code is blocking users from connecting to their company’s resources through their web browser.

Users have flocked to Pulse Secure support forums to seek advice, but it seems that ‘you have to wait for an update from Pulse,’ a forum employee shared.

Pulse Secure has gained popularity after the coronavirus pandemic forcing companies to leave the office and their homes.

Pulse is used by more than 24,000 companies that rely on secure access for nearly 25 million endpoints, but Monday's problem means many are unable to perform day-to-day work

Pulse is used by more than 24,000 companies that rely on secure access for nearly 25 million endpoints, but Monday's problem means many are unable to perform day-to-day work

Pulse is used by more than 24,000 companies that rely on secure access for nearly 25 million endpoints, but Monday’s problem means many are unable to perform day-to-day work

The service always allows employees to access resources by entering a passcode that authenticates their software components and allows them to continue their activities as if they were using a company-issued computer.

In a new support bulletin released today, Pulse Secure explains that “multiple functionalities / functions will fail for end users with a certificate error.”

“The code sign authentication on the client-side components fails because the certificate expiration time is checked instead of the code signing timestamp,” reads the support bulletin.

The issue does not affect users accessing Pulse Desktop Client directly, not through a browser, and users using macOS and Linux.  And the company suggests using Pulse Desktop Client as a workaround until the problem is resolved

The issue does not affect users accessing Pulse Desktop Client directly, not through a browser, and users using macOS and Linux.  And the company suggests using Pulse Desktop Client as a workaround until the problem is resolved

The issue does not affect users accessing Pulse Desktop Client directly, not through a browser, and users using macOS and Linux. And the company suggests using Pulse Desktop Client as a workaround until the problem is resolved

The issue does not affect users accessing Pulse Desktop Client directly, not through a browser, and users using macOS and Linux.

And the company suggests using Pulse Desktop Client as a workaround until the problem is resolved.

In August 2020, security researchers discovered a vulnerability in Pulse Secure VPN that could be used by hackers to take control of an enterprise’s entire network – but the flaw has since been fixed.

While services such as Pulse have made the transition to remote working easier, vulnerabilities like these can disable an entire business in just minutes.

Advertisement