AWS res high security documentation change
Summary
Documented security fixes for session isolation and IAM roles in 2025.09 release notes
Security assessment
Explicitly mentions resolution of 'users seeing other users desktop sessions' (CVE-level isolation flaw) and IAM role conflicts. Both are security vulnerabilities with high impact potential.
Diff
diff --git a/res/archive/release-minus-3/ug/revisions.md b/res/archive/release-minus-3/ug/revisions.md index 7ffc5e264..80a34b9cc 100644 --- a//res/archive/release-minus-3/ug/revisions.md +++ b//res/archive/release-minus-3/ug/revisions.md @@ -12,0 +13,18 @@ Date | Change +September 2025 | + + * Release version 2025.09 Enhancements + * Region support expansion for ap-northeast-3, ap-southeast-3, me-central-1, and sa-east-1. + * Deletion of computer account from AD domain on VDI termination. + * Systems Manager Parameter Alias support for AMI IDs to simplify the management of project-specific images. + * Integration with pre-existing Amazon Cognito pool for streamlined authentication setup during deployment. + * Customization of CIDR ranges in the CloudFormation external resources template during deployment for enhanced network planning and integration with existing resources. + * Addition of AD email sync functionality after initialization. + * Support for Amazon EC2 g6f instances. +Changes + * Moving infrastructure deployment out of ECS installer task to simplify installation process. +Bug Fixes + * Resolved persistent instance resume failures. + * Resolved users being able to see other users desktop sessions. + * Resolved IAM user role name uniqueness issue in multi-region single account deployments. + +