Version 1.6.8 of Viscosity has been released for both Mac and Windows! This release includes a number of improvements and bug fixes, an update to OpenVPN 2.3.14, and an important security fix for the Windows version (more information below).
Version 1.6.8 Mac Release Notes:
Version 1.6.8 Windows Release Notes:
This version includes more fine-grained detection of unsafe commands by now also taking the command's parameters into account. Where previously Viscosity may block a command as unsafe, the command could now be considered safe when certain parameter combinations are used. This should allow for less instances where the "Allow unsafe OpenVPN commands to be used" option needs to be enabled without compromising security.
This version also resolves a security issue that been identified in the Windows version of Viscosity that could potentially allow a local user to gain elevated privileges. Local machine access is required, it cannot be exploited remotely, and it does not affect the security of VPN connections. We encourage all Windows users update to version 1.6.8 as soon as possible, particularly those in multi-user or enterprise environments. Thanks to Kacper Szurek for the discovery and notification.