• ACS Password Leaks Are A Security Issue On IBM i

  February 17, 2025 Alex Woodie

  IBM i shops that are relying on the old WINLOGON process with their Access Client Solutions (ACS) installations will need to find a new way to synchronize passwords between Windows clients and IBM i servers. According to a new report from Silent Signal, the passwords could still be compromised.

  In early January, Big Blue published an IBM Support document about problems that IBM i shops were having after they applied the Windows 11 24H2 update, which Microsoft had started rolling out in October 2024. IBM i customers who used the ACS Windows Application Package told IBM they were no longer …

  Read more

• What’s New on PHP? Seiden Delivers the Goods

  October 23, 2024 Alex Woodie

  PHP has been around so long on the IBM i server that it’s practically a legacy technology at this point (not that that’s a bad thing). But if you haven’t looked at PHP lately, you might be surprised at what’s going on with the newer releases. PHP guru Alan Seiden recently brought us up to speed with the Web development language with a webinar sponsored by TUG.

  Seiden has been involved with PHP on IBM i for about 20 years. He was playing around with the open source language even before IBM and Zend worked together to bring the first …

  Read more

• IBM Bolsters Run SQL Scripts In ACS 1.1.9.6

  August 12, 2024 Alex Woodie

  IBM last week shipped a new release of Access Client Solutions (ACS) that contains several user-requested updates for Run SQL Scripts (RSS), the popular tool that allows users to execute SQL statements. ACS 1.1.9.6 also brings enhancements to the data transfer, IFS, and 5250 emulator components of ACS, among others.

  ACS, of course, is the universal Java-based utility that IBM unveiled 12 years ago to replace Client Access. It’s a must-have tool for any IBM i user, as it contains a slew of facilities for interacting with the system, including RSS, data transfer, IFS file viewing, spool file management, 5250 …

  Read more

• IBM i PTF Guide, Volume 26, Number 31

  August 12, 2024 Doug Bidwell

  As we report elsewhere in this issue, the big news this week in IBM Software Land is a new release of Access Client Solutions, which is rolled out as a PTF update for the currently supported releases of the IBM i operating system. Our story is here, and the release notes are there.

  We did not see any new security vulnerabilities, which is always good news.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.5:

  • IBM i Access Client Solutions V1.1.9.6
  • SAP Support Required PTF List for IBM

  …

  Read more

• Spring 2024 IBM i Technology Refresh Unveiled by IBM

  May 8, 2024 Alex Woodie

  IBM today took the wraps off the latest Technology Refresh for the IBM i platform. When IBM i 7.5 TR4 and 7.4 TR10 ship on June 14, customers will find enhancements such as Merlin version 2, new features in Navigator and ACS, security improvements, a couple of RPG enhancements, HA and DR enhancements, and a host of new SQL-based database services, among other capabilities.

  In addition to new features, which we’ll get to in a second, the launch of IBM i 7.5 TR4 and 7.4 TR10 is important for an unexpected reason: It will mark the beginning of IBM’s transition …

  Read more

• April Showers Bring May IBM i Security Vulnerabilities

  May 8, 2024 Alex Woodie

  IBM has patched more than a dozen security flaws in IBM i and related products this spring, including serious flaws in the operating system proper and the compilers, and a critical vulnerability in Administrative Runtime Expert that landed a nearly perfect CVSS Base score.

  In the interest of time, let’s cover the security vulnerabilities in descending order of severity. That means we’re starting with the worst and then moving on to the slightly less worse.

  ARE Flaw

  The flaw reported in the Administration Runtime Expert for i (ARE), which IBM launched in 2010 to make it easier to manage IBM …

  Read more

• IBM Cranks Up the Performance for Run SQL Scripts

  April 24, 2024 Alex Woodie

  Access Client Solutions (ACS) users who are tired of waiting for database fields to resolve in the Run SQL Scripts (RSS) facility will be happy to hear that IBM felt their pain and RSS will return data much more quickly to return data with ACS version 1.1.9.5, which IBM shipped earlier this month.

  The speed-up of field resolution time was listed as a concern to at least one IBM i user, who took to IBM Power Ideas Portal to voice his or her concern. “Simply put the resolution of potential field makes content assist almost unusable,” the user wrote. “I …

  Read more

• IBM i PTF Guide, Volume 26, Number 15

  April 15, 2024 Doug Bidwell

  Hey, this is interesting. We have no security vulnerabilities to report on this week for the IBM i platform. And this is also interesting. There is a new version of Access Client Solutions, called V1.1.9.5. We will be putting together a news story to talk about this, but in the meantime, we thought you should know that it is out. There ain’t a lot else going on, as you will see.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.5:

  • IBM i Access Client Solutions V1.1.9.5
  • QMGTOOLS

  PTF Groups 7.4: …

  Read more

• IBM Patches New Security Vulns In IBM i Components, Power Firmware

  February 12, 2024 Alex Woodie

  IBM has patched a series of moderate security vulnerabilities in IBM i products and Power firmware over the past two weeks. The IBM i flaws span Rational Developer for i (RDi), Access Client Solutions (ACS), and the Java development kit and runtime, while the Power flaw involves PowerVM and its communications with the Hardware Management Console (HMC).

  Concerns over security hit an all-time high in the IBM i community according to the IBM i Marketplace 2024 study conducted by Fortra. The survey found that 79 percent of IBM i professionals considered security a top concern, a 10 percent increase …

  Read more

• ACS, Merlin Hit With Serious Security Vulnerabilities

  December 11, 2023 Alex Woodie

  Three serious security vulnerabilities in IBM i Access Client Solutions and six in Merlin were disclosed and patched by IBM last week. The flaws could allow attackers to commit a range of crimes, from executing arbitrary code and denial of service attacks, to obtaining sensitive data on IBM i conducting phishing attacks. All of the flaws – including another three reported by IBM in November – should be patched immediately.

  IBM published a security bulletin December 8 covering all three of the ACS flaws, which impact ACS versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3. The fix is to download …

  Read more

Previous Articles