AWS Security ChangesHomeSearch

AWS res high security documentation change

Service: res · 2026-06-22 · Security-related high

File: res/archive/release-minus-3/ug/revisions.md

Summary

Documented security fixes for session isolation and IAM roles in 2025.09 release notes

Security assessment

Explicitly mentions resolution of 'users seeing other users desktop sessions' (CVE-level isolation flaw) and IAM role conflicts. Both are security vulnerabilities with high impact potential.

Diff

diff --git a/res/archive/release-minus-3/ug/revisions.md b/res/archive/release-minus-3/ug/revisions.md
index 7ffc5e264..80a34b9cc 100644
--- a//res/archive/release-minus-3/ug/revisions.md
+++ b//res/archive/release-minus-3/ug/revisions.md
@@ -12,0 +13,18 @@ Date | Change
+September 2025 | 
+
+  * Release version 2025.09 Enhancements
+    * Region support expansion for ap-northeast-3, ap-southeast-3, me-central-1, and sa-east-1.
+    * Deletion of computer account from AD domain on VDI termination.
+    * Systems Manager Parameter Alias support for AMI IDs to simplify the management of project-specific images.
+    * Integration with pre-existing Amazon Cognito pool for streamlined authentication setup during deployment.
+    * Customization of CIDR ranges in the CloudFormation external resources template during deployment for enhanced network planning and integration with existing resources.
+    * Addition of AD email sync functionality after initialization.
+    * Support for Amazon EC2 g6f instances.
+Changes
+    * Moving infrastructure deployment out of ECS installer task to simplify installation process.
+Bug Fixes
+    * Resolved persistent instance resume failures.
+    * Resolved users being able to see other users desktop sessions.
+    * Resolved IAM user role name uniqueness issue in multi-region single account deployments.
+
+