Esri has discovered a critical vulnerability in the Portal for ArcGIS component of ArcGIS Enterprise. Patches for all versions of Portal for ArcGIS from 10.3 through 10.6.1 have been released.Read More
The EU General Data Protection Regulation (“GDPR”) places significant responsibilities on organisations that process Personal Data. We are committed to being compliant with GDPR, including helping our customers meet their GDPR obligations.Read More
Esri have released patches to fix an ArcGIS Server vulnerability which could potentially result in secured services and their data being exposed to users when they should not otherwise have access.Read More
Esri have started migrating to stronger encryption certificates utilising SHA-256 for basemaps via HTTPS - Previously it was using SHA-1. Esri will continue updating ArcGIS Online certificates over the next few months. This change should be transparent to most of our users.
One group of users that might run into issues are ArcPad users with Windows Mobile 6.5 and earlier. Many of those devices still don't support SHA-256, which means you will begin seeing an increase in the number of ArcGIS Online service endpoints you cannot access via HTTPS. If you are using such a device, please contact your hardware vendor to find out your vendor's patch plans. We will be posting more information about this using the Twitter handle @ArcGIS Online.