I have got this link for a colleague. 
I haven't heard about this before but when you read this this is "known" issue since it was reported in 2016 as well.

"A recent investigation has revealed that attackers are exploiting vulnerabilities in IBM i Access Client Solutions (ACS) to steal Windows user credentials."

https://cybersecuritynews.com/ibm-i-access-client-vulnerability-exposed/

Hello Erik,

IBM is aware of this and I'm not entirely sure if we can call this a "vulnerability" if you keep your ACS updated. Windows 11 24H2 update causes issues connecting to IBM i

I would personally completely stop using Windows logon authentication in ACS as recommended in the article. IBM has deprecated WINLOGON support in the ACS because of the "incompatibility" with Windows11's  LSA protection, so if you stay updated (the latest ACS version is 1.1.9.7) you should not be worried about this.

If you don't want to update ACS for various reasons, switch from Windows logon to another authentication method in the ACS (Default user profile might be the easiest, Prompt every time is more secure).

Regards,

I have got this link for a colleague. 
I haven't heard about this before but when you read this this is "known" issue since it was reported in 2016 as well.

"A recent investigation has revealed that attackers are exploiting vulnerabilities in IBM i Access Client Solutions (ACS) to steal Windows user credentials."

https://cybersecuritynews.com/ibm-i-access-client-vulnerability-exposed/

Greetings,  Just want to echo Michal post.  Just like lots of software, you need to stay current.  Your IBM i and the tools you use to access the IBM i also need to stay current.  The latest ACS is 1.1.9.7 as pointed out above and ACS has been updated accordingly.  

Hello Erik,

IBM is aware of this and I'm not entirely sure if we can call this a "vulnerability" if you keep your ACS updated. Windows 11 24H2 update causes issues connecting to IBM i

I would personally completely stop using Windows logon authentication in ACS as recommended in the article. IBM has deprecated WINLOGON support in the ACS because of the "incompatibility" with Windows11's  LSA protection, so if you stay updated (the latest ACS version is 1.1.9.7) you should not be worried about this.

If you don't want to update ACS for various reasons, switch from Windows logon to another authentication method in the ACS (Default user profile might be the easiest, Prompt every time is more secure).

Regards,

I have got this link for a colleague. 
I haven't heard about this before but when you read this this is "known" issue since it was reported in 2016 as well.

"A recent investigation has revealed that attackers are exploiting vulnerabilities in IBM i Access Client Solutions (ACS) to steal Windows user credentials."

https://cybersecuritynews.com/ibm-i-access-client-vulnerability-exposed/

Greetings Want to clarify a few things on this.  After seeing this article and several others... want to clear up a few points of confusion.  

Access Client Solutions is made up of a number of independent  deliveries. 

ACS - the client application (runs on Window, Mac, and Linux - based on Java) that has 5250, IFS, Spool, Run SQL Scripts, Schema and such. This application is NOT effected at all by the WINLOGON issue.  It's never used it.  Yes, you still NEED TO STAY CURRENT (sorry to yell ). 1.1.9.7 is the latest 

There are several other deliverables.. the Application RunTime Packages  - There is one for Window, Mac, Linux and IBMi (Pase).  The basically contain the ODBC drivers for each OS.  The Windows Package.. that has a few other widows connections thing in it as well.  Yes. the ACS Windows Application Package did in the past use the WINLOGON.  AS of May 2024, with update delivered at that time, that function was deprecated. 

If there is other Access items referenced.. My only guess is they are referring to the Access for Windows Client that went end of life in 2019. That for sure is not getting fixed, it's time to move to ACS.  

Thanks 

Greetings,  Just want to echo Michal post.  Just like lots of software, you need to stay current.  Your IBM i and the tools you use to access the IBM i also need to stay current.  The latest ACS is 1.1.9.7 as pointed out above and ACS has been updated accordingly.  

Hello Erik,

IBM is aware of this and I'm not entirely sure if we can call this a "vulnerability" if you keep your ACS updated. Windows 11 24H2 update causes issues connecting to IBM i

I would personally completely stop using Windows logon authentication in ACS as recommended in the article. IBM has deprecated WINLOGON support in the ACS because of the "incompatibility" with Windows11's  LSA protection, so if you stay updated (the latest ACS version is 1.1.9.7) you should not be worried about this.

If you don't want to update ACS for various reasons, switch from Windows logon to another authentication method in the ACS (Default user profile might be the easiest, Prompt every time is more secure).

Regards,

I have got this link for a colleague. 
I haven't heard about this before but when you read this this is "known" issue since it was reported in 2016 as well.

"A recent investigation has revealed that attackers are exploiting vulnerabilities in IBM i Access Client Solutions (ACS) to steal Windows user credentials."

https://cybersecuritynews.com/ibm-i-access-client-vulnerability-exposed/