ARM 2025.2 release notes
Release date: April 15, 2025
Here's what's new in Access Rights Manager 2025.2.
Learn more
- See the ARM release notes aggregator to view release notes for multiple versions of ARM on a single page.
- See ARM 2025.2 system requirements to learn about prerequisites for running and installing ARM 2025.2.
- See the ARM 2025.2 Administrator Guide to learn how to work with ARM.
New features and improvements in ARM
ARM supports Windows Server 2025
ARM added support for Windows Server 2025. See the ARM 2025.2 system requirements.
Web Client graphical resources view for AD
View a graphical representation of your AD resources in the ARM Web Client. Quickly see which users of your AD users are assigned to particular groups.
General improvements
- RabitMQ version has been upgraded to 3.13.7.
- ErLang version has been upgraded to 26.2.5.
Fixes
| Case number | Description |
|---|---|
| 01842162 | SharePoint on-premise resources display the nested groups in the ARM resources view. |
| 01627661 | The SharePoint scan completes as expected. |
| 01806149 | The ARM installer displays the correct version number. |
| 01732711, 01723227, 01728894, 01731877, 01729024, 01732722, 01725130, 01805288, 01761643, 01774405, 01770807, 01786712, 01775487 | ARM AD tasks complete with scripting as expected. |
| 01609945, 01818939 | Assigning a department profile to a user no longer shows as failed in the Tasks analyze scenario. |
| 01311181 | Scanning large organizations no longer leads to exceptions. |
| 01321569 |
The WebClient analysis calculates and displays as expected. |
| 01323966, 01777993 | Commas are supported for X500 Exchange online email addresses. |
| 00895546, 00835722, 00752056 | A department profile can be applied successfully to a user profile. |
| 00516104 | Department profiles no longer get stuck during assignment when an assigned group no longer exists. |
CVEs
Last updated: 4/15/2025
Third Party CVEs
| CVE-ID | Vulnerability Title | Description | Severity |
|---|---|---|---|
| CVE-2022-37434 | Zlib heap-based buffer over-read or buffer overflow vulnerability | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader. | 9.8 Critical |
| CVE-2022-0778 | Open SSL Denial of Server Vulnerability | The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). | 7.5 High |
Installation or upgrade
For new installations, you can download the installation file from the product page on https://www.solarwinds.com or from the Customer Portal. For more information, see the ARM Installation and Upgrade Guide.
If you are upgrading from a previous version, see Upgrade ARM in the ARM Installation and Upgrade Guide for instructions.
Known issues
Last updated: April 15, 2025
Windows FS cluster turned off after upgrade
The window FS cluster started turning off after upgrading to version 2025.1.
Legal notices
© 2025 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.