Version 1.6.8 of Viscosity has been released for both Mac and Windows! This release includes a number of improvements and bug fixes, an update to OpenVPN 2.3.14, and an important security fix for the Windows version (more information below).

Version 1.6.8 Mac Release Notes:

Version 1.6.8 Windows Release Notes:

This version includes more fine-grained detection of unsafe commands by now also taking the command's parameters into account. Where previously Viscosity may block a command as unsafe, the command could now be considered safe when certain parameter combinations are used. This should allow for less instances where the "Allow unsafe OpenVPN commands to be used" option needs to be enabled without compromising security.

This version also resolves a security issue that been identified in the Windows version of Viscosity that could potentially allow a local user to gain elevated privileges. Local machine access is required, it cannot be exploited remotely, and it does not affect the security of VPN connections. We encourage all Windows users update to version 1.6.8 as soon as possible, particularly those in multi-user or enterprise environments. Thanks to Kacper Szurek for the discovery and notification.

The 1.6.8 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity version 1.6.7 is now available for both Mac and Windows. This version is a small maintenance release that includes updated versions of OpenVPN and OpenSSL as well as small tweaks and fixes.

The Mac version also includes a work-around for instances where Viscosity may become unresponsive while waiting for a stuck ifconfig process. ifconfig is a system networking tool used by Viscosity and OpenVPN, and there have been reports of it hanging or freezing under OS X 10.11.6 and macOS 10.12.

Version 1.6.7 Mac Release Notes:

Version 1.6.7 Windows Release Notes:

The 1.6.7 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Version 1.6.6 of Viscosity has been released for both Mac and Windows! There are a number of new feature additions, improvements, and bug fixes, including an update to OpenVPN 2.3.12.

In particular this release makes it easier to manage multiple connections that share login credentials or scripting actions. Connection folders can now be edited to allow saved credentials to be shared among all connections in the folder, as well as Before Connect, Connected, and Disconnected scripts to be run for all connections in the folder as well. For more information please see Sharing Credentials and Scripts with Multiple Connections.

As part of the update to OpenVPN 2.3.12, a warning message will be now displayed in the connection log if the encryption algorithm (the cipher) being used has a block size of less than 128 bit. This is in response to the recent "Sweet32" attack against ciphers using a 64 block size.

While difficult to exploit, users receiving this warning should consider contacting their VPN Provider and encourage them to update their OpenVPN configuration to use a more secure cipher, such as AES-128-CBC. For example, this can be easily done by adding the command "cipher AES-128-CBC" to the OpenVPN server and client configurations. For more information, and other available countermeasures, please see the Sweet32 information page.

Version 1.6.6 Mac Release Notes:

Version 1.6.6 Windows Release Notes:

The 1.6.6 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity version 1.6.5 is now available for both Mac and Windows. This version includes a number of improvements for Mac users with IPv6 enabled VPN connections and networks, as well as a array of small bug fixes and improvements for both Mac and Windows platforms. The Windows version also updates the VPN Network Adapter driver to better support future Windows versions.

Version 1.6.5 Mac Release Notes:

Version 1.6.5 Windows Release Notes:

The 1.6.5 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Version 1.6.4 of Viscosity has been released for both Mac and Windows! This version includes a number of updated components, including OpenVPN 2.3.11, OpenSSL 1.0.2h, and an update to the Windows VPN Network Adapter driver to improve security.

While the security vulnerabilities addressed in the OpenSSL update are not believed to affect OpenVPN client connections, we still recommend updating. Both releases also include a number of small bug fixes and tweaks based off recent reports and feedback.

Version 1.6.4 Mac Release Notes:

Version 1.6.4 Windows Release Notes:

The 1.6.4 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Version 1.6.3 of Viscosity for Windows is now available! This version includes a few small tweaks and bug fixes to ensure Viscosity connections run smoothly for Windows users. In particular this release resolves a rare annoying issue where a connection could mistakenly become marked as unreachable and disconnected shortly after connection.

Version 1.6.3 Windows Release Notes:

The 1.6.3 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Version 1.6.2 of Viscosity is now available for both Mac and Windows! This is primarily a maintenance release, with lots of bug fixes and small tweaks. Please see the release notes below for the full details.

Version 1.6.2 Mac Release Notes:

Version 1.6.2 Windows Release Notes:

The 1.6.2 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Version 1.6.1 of Viscosity for both Mac and Windows is now available! This version follows up the recent 1.6 release with several small requested feature enhancements and bug fixes.

The update adds support for using the Import Connection From Server feature on servers requiring two-factor authentication. Users will now be prompted for their two-factor response when required.

Viscosity also now allows the DNS mode of choice to be pushed remotely from the OpenVPN server using a pushed "dhcp-option" command when Automatic mode is used. For example push "dhcp-option DNSMODE full" or push "dhcp-option DNSMODE split".

Version 1.6.1 Mac Release Notes:

Version 1.6.1 Windows Release Notes:

The 1.6.1 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

We're pleased to announce that version 1.6 of Viscosity is now available for both Mac and Windows! This update contains a huge number of new features, improvements, bug fixes, and tweaks.

We've placed a special focus on overhauling and upgrading Viscosity's DNS system, with new features such as connection specific DNS modes, DHCP assigned DNS and WINS settings, improved support for IPv6 DNS servers, and bringing Viscosity's highly advanced split DNS system to Windows. More information about the DNS changes can be found in the Upcoming DNS Features and Changes in Viscosity 1.6 blog post.

The Details window has also been updated to look at home on recent versions of Mac OS X and Windows, with smoother graph rendering and a more modern appearance. OpenVPN has been updated to version 2.3.10, and OpenSSL has been updated to version 1.0.2f.

Version 1.6 also contains an assortment of other improvements, including support for setting browser web proxies, improved virtual network drivers for Windows 7 and later, workarounds for iCloud clashes that could result in iMessage or Back to My Mac connectivity problems, and many more. Please refer to the release notes below for a complete list of changes.

Version 1.6 Mac Release Notes:

Version 1.6 Windows Release Notes:

Finally, please note that version 1.6 drops support for OS X 10.7 and Windows XP. OS X 10.8 and Windows Vista are now the minimum operating system versions required.

The 1.6 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity 1.6, due for release shortly, has some new and exciting improvements to the DNS engine. These changes allow for much greater functionality and control over DNS settings, and for more powerful and advanced VPN setups.

For the vast majority of users transitioning from a previous version of Viscosity to version 1.6 will be seamless. Viscosity's DNS settings for all connections will default to "Automatic" mode under 1.6, where it will attempt to intelligently determine whether DNS should be enabled, and if so what mode (Full or Split) is desired.

However in some rare instances upgrading users may wish to override the Automatic behavior and manually set the DNS mode and related settings. This blog post is designed to give a quick overview of the newly available DNS options and how they function in advance of the 1.6 release so you can determine whether you wish to change the DNS behavior of your connections after upgrading.

Connection Specific DNS Settings

Previous versions of Viscosity allowed DNS to be enabled or disabled on a per-connection basis, and the DNS servers and domains to be used. However the "Apply DNS settings simultaneously" (equivalent to the new "Split" option) could only be applied on a global basis to all connections. This presented a problem for users who wanted differing DNS modes for connections as it required manually toggling the option on and off and required.

Viscosity 1.6 now allows DNS settings to be customized on a per-connection basis by introducing several new DNS modes: Automatic, Full DNS, Split DNS, and Disabled.

Full DNS mode ensures that your VPN's DNS servers become the primary DNS servers on your computer and that they are used for all lookups by default. This is typically the mode you'll use when connecting to a VPN Service Provider. Split DNS mode instead uses your VPN's DNS servers for only VPN domains. For example, using split DNS you can set the domain "example.com" and have requests such as "www.example.com", "myserver.example.com" etc. only use your VPN's DNS servers. For more information please see the Configuring DNS and WINS settings support article.

Automatic mode will intelligently determine which mode should be used, and it is the recommend mode to use in most instances. Viscosity will look at the VPN and routing settings being used to determine the best DNS mode. If all traffic is being routed through the VPN connection Full DNS mode will be automatically used. Likewise, if a split-routing setup is used and DNS domains are set, then Split DNS mode will be automatically used. Finally, DNS will be automatically disabled if there are no DNS servers present. Viscosity will log which mode is being used for a connection in the OpenVPN log.

Version 1.6 also introduces a new "Ignore DNS settings sent by VPN server" option, allowing DNS and WINS settings sent by the remote VPN or DHCP server to be ignored if desired.

Advanced Split DNS For Windows

While the Mac version of Viscosity has been able to perform split DNS since through the use of the old "Apply DNS settings simultaneously" option, the Windows version has not. We're pleased to announce that version 1.6 introduces an advanced internal DNS system for the Windows platform that enabled true split DNS functionality. DNS requests for VPN specific domains for a connection will only ever use your VPN connection's DNS servers. This allows you, for example, to remotely connect to your workplace's network and have DNS requests for work domains use your workplace's DNS servers, while your standard network traffic uses your normal DNS servers.

DHCP Assigned DNS Settings

A highly requested feature that we're pleased to say Viscosity 1.6 implements is DHCP DNS and WINS support. Viscosity can now use DNS servers, WINS servers, and DNS domains set by a remote DHCP server on bridged (Tap) connections. This allows for easier integration of a VPN server with an existing network, with no need to have the OpenVPN server push out duplicate settings or to set them locally in Viscosity. These options can also be easily ignored by using the "Ignore DNS settings sent by VPN server" option.

Improved DNS IPv6 Support

Finally, Viscosity 1.6 also greatly improves support for IPv6 DNS servers. You can expect greater stability and improved performance of IPv6 servers over previous versions of Viscosity.

Version 1.6 of Viscosity is expected to be available shortly for both Mac and Windows, with many more exciting features and updates than just the DNS-related changes listed above. Please keep an eye on our Blog, Twitter account, or Viscosity's inbuilt automatic update support for notification of when it's available.