The OpenVPN community project has announced the release of OpenVPN 2.7_alpha2 on June 19, 2025.
Marking the first alpha build for the upcoming 2.7.0 feature release, this early version is targeted at testers and developers rather than production environments.
The new version introduces a host of cutting-edge features and architectural improvements, particularly on Windows systems.
However, it also directly addresses a critical security vulnerability, tracked as CVE-2025-50054, in the Windows driver that could permit remote attackers
Among the prominent enhancements in OpenVPN 2.7_alpha2 is full multi-socket support, enabling servers to manage multiple addresses, ports, and protocols from a single instance.
This capability is likely to benefit large deployments seeking to simplify configuration and scale services seamlessly across diverse network interfaces.
In tandem, the update boasts improved DNS options for clients, with comprehensive support out of the box for Linux, BSD, and critically a new implementation for Windows clients.
The Windows client now features advanced capabilities such as split DNS and DNSSEC support, bringing it in line with modern enterprise security requirements.
Under the hood, this release brings sweeping architectural changes to Windows deployments.
The system now generates network adapters dynamically on demand and elevates security by ensuring the background service runs as an unprivileged user.
Notably, the new release enforces the “block-local” flag via Windows Filtering Platform (WFP) filters and improves the handling of data channels, emphasizing the increased attention to reinforcing security boundaries at the network driver level.
A major underpinning change is the transition away from the wintun driver, with win-dco now set as the default.
The legacy tap-windows6 remains a fallback for specific use cases not covered by win-dco.
Server mode support has also been added to the win-dco driver, aligning with the broader multi-socket and multi-protocol vision of this release.
Central to this update is the resolution of a critical security issue affecting Windows installations, specifically CVE-2025-50054, which is addressed in the new Windows MSI installer.
The flaw, if exploited, could empower remote attackers to force a denial-of-service attack by crashing the affected system via the vulnerable driver.
Given OpenVPN’s wide deployment across enterprise and personal environments, the presence of such a vulnerability prior to this fix had far-reaching consequences, emphasizing the importance of timely updates, especially as newer kernel modules and driver architectures are deployed.
On the Linux front, OpenVPN 2.7_alpha2 integrates support for the forthcoming ovpn DCO (Data Channel Offload) kernel module, which promises significant performance improvements and reduced CPU usage by offloading encryption and packet handling directly to the kernel.
While this module will be included in future official Linux releases, users can already experiment with backported versions via the ovpn-backports project.
Data channel enhancements also introduce enforcement of AES-GCM usage limits and the migration to epoch-based data keys and updated packet formats, reflecting ongoing adaptation to modern cryptographic best practices.
The alpha release also includes updated Windows MSI installers for 64-bit, 32-bit, and ARM64 architectures, built against the latest OpenSSL 3.5.0 for strengthened cryptography and bundled with an updated OpenVPN GUI (version 11.54.0.0).
There are notable usability improvements, including enhanced French and Turkish language support and a new QR code-based mechanism for web authentication through the Pre-Logon Access Provider (PLAP), indicative of OpenVPN’s commitment to both security and user experience.
While this alpha build is not ready for general deployment, it serves as a significant milestone in OpenVPN’s transition toward a more robust, secure, and feature-rich platform.
Testers are encouraged to review detailed changes in the project’s changelogs and provide feedback, helping to ensure the stability and security of future stable releases.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
The post Critical Flaw in OpenVPN Driver Enables Remote Windows System Crashes appeared first on Cyber Security News.
Actor, filmmaker, and author Bruce Campbell has today shared he has been diagnosed with cancer.…
U.S. Reps. Kelly Morrison, Ilhan Omar and Angie Craig of Minnesota, all Democrats, arrive outside…
A jump starter is an essential part of car's emergency kit and you don't need…
Tired of the same old black brick of a power bank that litters the marketplace?…
Kunce's appointment follows the resignation of the city's previous choice, Scott Fisher, who left the…
USB Type-C has become the standard for charging and data cables alike, so it's good…
This website uses cookies.