Sage 100

 View Only

  • 1.  Important Security Update for Sage 100 and Sage 300 (starting 10-31-25)

    Posted 08-13-2025 09:57
    Edited by Brett Zimmerman 08-13-2025 10:01

    Important Security Update for Sage 100 and Sage 300 (https://communityhub.sage.com/us/sage_partners/f/sage-100-general-partner-discussion/253837/important-security-update-for-sage-100-and-sage-300)

    Posted By

    To strengthen data security, Sage will block outdated encryption ciphers used by Windows and Windows Server when connecting to Sage licensing servers, starting October 31, 2025. These ciphers are not part of Sage 100 or Sage 300.

    Customers using older Windows or Windows Server versions that rely on these weaker ciphers may be impacted. These include Windows Server 2012 and Windows 8 or earlier, although cipher prioritization settings may also cause issues in newer versions. 

    What happens if communication is blocked?

    • Sage 100: The subscription expiration date in the product won't be updated, and the software will continue to run until the stored expiration date is reached. After that, users will see "subscription expired" messages, and the product will switch to read-only mode after 45–60 days.
    • Sage 300: Warning messages may appear immediately. The product will also switch to read-only mode after 45–60 days.

    What to do next

    • Customers already identified as affected will be contacted via their channel partner to upgrade their systems.
    • Customers running Windows Server 2012 should upgrade to a supported version of Windows Server even if not contacted, as they are likely to encounter the problem even if not already identified.
    • Customers running old versions of Sage 100 or Sage 300 may need to upgrade to a version compatible with supported versions of Windows Server. Currently supported versions of Sage 100 and 300 (2023, 2024, 2025) support both Windows Server 2022 and 2025.
    • Any customer receiving subscription warning messages should contact their partner or Sage support to determine and resolve the root cause, even if on a supported version of Windows Server.

    Need help?   

    Visit www.Sage.com/Resources for options, including links to Sage Knowledgebase, Community Hub, Sage University, as well as Chat and Online Case submission. 



    ------------------------------
    Brett Zimmerman
    Net at Work
    Greater Boston Area
    ------------------------------



  • 2.  RE: Important Security Update for Sage 100 and Sage 300 (starting 10-31-25)

    Posted 08-14-2025 08:23

    I just tried the link since I was hoping they'd list the specific ciphers they will block/allow, but they pulled the post?!?  Whenever it rears its head again, we can use IISCrypto to limit the available ciphers.



    ------------------------------
    Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
    ------------------------------



  • 3.  RE: Important Security Update for Sage 100 and Sage 300 (starting 10-31-25)

    Posted 08-18-2025 10:41

    I believe this was briefly discussed at the 8/7 roundtable, with Sage mentioning approximately 12 affected customers. I don't recall any further details being shared during the webinar, and I'm not sure if they have more information. 



    ------------------------------
    Wayne Schulz
    wayne@s-consult.com
    Schulz Consulting
    (860) 516-8990
    CT
    ------------------------------



  • 4.  RE: Important Security Update for Sage 100 and Sage 300 (starting 10-31-25)

    Posted 08-18-2025 10:53

    Based on the small (insignificant to me) number announced in play, I did not think it was a big deal to my clients.



    ------------------------------
    Jeff Schwenk
    Owner
    Bottomline Software, Inc.
    Waynesboro VA
    (540) 221-4444

    Improving bottom lines for over 25 years!
    ------------------------------

    Original Message


  • 5.  RE: Important Security Update for Sage 100 and Sage 300 (starting 10-31-25)

    Posted 08-20-2025 20:20

    On 8/20/2025 Sage had a Sage 100 Quarterly Partner Call and one of the topics in the slide deck had to do with this security. Sage claims they will share more information and while I'd like to trust that will be the case I am not planning on hearing much more about this unless it really impacts a lot of paying subscription customers. I don't know if Sage considers this to be distributable to end users or for internal use only.


    Link to Microsoft Patch:

     
    Update adds new TLS cipher suites and changes cipher suite priorities in Windows 8.1 and Windows Server 2012 R2\


    https://support.microsoft.com/en-gb/topic/update-adds-new-tls-cipher-suites-and-changes-cipher-suite-priorities-in-windows-8-1-and-windows-server-2012-r2-8e395e43-c8ef-27d8-b60c-0fc57d526d94



    ------------------------------
    Wayne Schulz
    wayne@s-consult.com
    Schulz Consulting
    (860) 516-8990
    CT
    ------------------------------



  • 6.  RE: Important Security Update for Sage 100 and Sage 300 (starting 10-31-25)

    Posted 08-21-2025 14:36

    @Wayne Schulz thank you for tracking down the MS patch! 



    ------------------------------
    Eric Lunceford
    First Mate Business Solutions
    Oklahoma City, OK
    877-880-8960
    ------------------------------

    Original Message


Related Content