On April 11, 2022, at 15:59 EST, Duo's Engineering Team was alerted by Duo Customer Care that users were receiving an “Access denied” or similar message when attempting to login to Duo protected applications. After investigation, the root cause was identified as a recent code change which in some cases incorrectly denied access to unenrolled users.
The issue was resolved with a code fix on the same day.
2022-04-11 15:59 Duo Site Reliability Engineering (SRE) is informed by Duo Customer Support (CS) that users are not able to authenticate against Duo protected applications
2022-04-11 16:15 Duo Engineering assesses the issue, identifying the root cause.
2022-04-11 16:32 Status page updated to Identified.
2022-04-11 17:35 Duo Engineering begins deploying a code fix to all deployments
2022-04-11 20:27 Deploying the fix is complete.
2022-04-11 20:27 Status page updated to Monitoring.
2022-04-11 21:34 Status page updated to Resolved.
Duo Engineering recently made a code change affecting enrollment behavior for the following Duo protected applications: Windows Logon, RD Gateway, macOS Logon, and Epic Applications
The change did not have the intended effect and denied access for users when all the following conditions were true:
Fourteen customers across eight deployments were impacted.
Duo Engineering is creating a deeper suite of unit tests based on configured policy and expected outcomes to prevent similar issues in the future.
Note: You can find your Duo deployment’s ID and sign up for updates via the StatusPage by following the instructions in this knowledge base article.