Important Notice for Act! Customers
We recently became aware of a security vulnerability within our Act! Pro, Act! Premium, and Act! Growth Suite software that may make it easier for a threat actor to gain unauthorised access to your system. To address this vulnerability, updates are available for supported versions of Act!. View the Act! Support Obsolescence Policy. See additional version and deployment-specific details below.
Act! Premium & Act! Growth Suite On-Premises Subscribers
(Act! Premium and Act! Premium Plus)
To ensure the vulnerability described above is addressed, you will need to apply the appropriate update for your supported version as soon as possible. If you are currently running Act! v21 or earlier, you will need to upgrade to Act! v24 Update 4 to address this issue. Customers who host or sync their software via a 3rd party hosting provider should contact that provider immediately to discuss the appropriate remedy.
Updates are being made available for Act! v24, Act! v23, and Act! v22.1*. See below for the release schedule and instructions.
Act! Premium & Act! Growth Suite Cloud Subscribers
To ensure the vulnerability described above is addressed, an update is required for your supported version.
- Customers who solely access Act! in the cloud (hosted by Act!) are no longer exposed to this vulnerability, thus no action is required.
- Customers who sync a local instance of Act! to Act! in the cloud (hosted by Act!) must apply the appropriate update for their supported version on their local instance by April 19, 2022 in order to continue syncing.
- Customers who sync a local instance of Act! via their own network (LAN, VPN, site-to-site internet sync) will not experience an interruption in sync services but remain at risk until they apply the appropriate update for their supported version.
- Customers who host or sync their software via a 3rd party hosting provider should contact that provider immediately to discuss the appropriate remedy.
Updates are being made available for Act! v24, Act! v23, and Act! v22.1*. If you are currently running a local instance of Act! v21 or earlier, you will need to upgrade to Act! v24 Update 4 to address this issue. See below for the release schedule and instructions.
Pro & Premium Perpetual License Holders
Pro Perpetual License Holders:
To ensure the vulnerability described above is addressed, you will need to apply the appropriate update for Act! Pro v22.1 or upgrade to Act! v24 Update 4. If you are currently running Act! Pro v21 or earlier, you will need to upgrade to Act! v24 Update 4 to address this issue. Customers who host or sync their software via a 3rd party hosting provider should contact that provider immediately to discuss the appropriate remedy.
A one-time update will be made available Act! Pro v22.1*.
Premium Perpetual License Holders:
To ensure the vulnerability described above is addressed, you will need to apply the appropriate update for your supported version as soon as possible. If you are currently running Act! v21 or earlier, you will need to upgrade to Act! v24 Update 4 to address this issue. Customers who host or sync their software via a 3rd party hosting provider should contact that provider immediately to discuss the appropriate remedy.
Updates will be made available for Act! v24, Act! v23, and Act! v22.1*.
See below for the release schedule and instructions.
Available Updates & Instructions
Updates are being made available for Act! v24, Act! v23 and Act! v22.1. To ensure the vulnerability described above is addressed, you will need to apply the appropriate update for your supported version as soon as possible.
Available Updates:
Note: Customers who host or sync their software via a 3rd party hosting provider should contact that provider immediately to discuss the appropriate remedy.
Frequently Asked Questions
A vulnerability was recently identified in Act! via routine penetration testing. The Act! engineering team has reviewed, fixed and re-assessed the vulnerability with a third-party threat intelligence vendor. Updates that address this issue are being made available for Act! v24, Act! v23, and Act! v22.1*. See above for the release schedule and instructions.
No, we are not currently aware of any bad actors taking advantage of the vulnerability.
Per the Act! Support Obsolescence Policy, updates are being made available for supported versions of Act!*.
To ensure that this vulnerability is addressed, an update for your supported version is required*. See above for the remedy specific to your version and deployment method. If you are currently running Act! v21 or earlier, you will need to upgrade to Act! v24 Update 4 to address this issue. Customers who host or sync their software via a 3rd party hosting provider should contact that provider immediately to discuss the appropriate remedy.
To find the version of Act! you’re currently on, go to Help > About Act! in the top navigation of Act!.
*Note for Act! v22.x users: As of March 31, 2022, Act! v22.x products are no longer supported. However, if you are running Act! v22.x and elect not to upgrade to Act! v24 Update 4 or another supported version, we will be making available a one-time update for Act! v22.1 that addresses this specific issue. Please note that this decision to provide an update for Act! v22.1 in this instance shall not be precedent, or require us to provide, neither now nor in the future, any fixes for additional issues that may or will arise after the date of obsolescence as specified in the Act! Support Obsolescence Policy at act.com/obs.