Firmware Update Required: Polycom VVX and Trio Series Used with Skype for Business Online/Hybrid and Teams

By January 3, 2020 January 15th, 2020 Blog, Microsoft, Microsoft Teams, Security, Skype for Business
Poly VVX and Trio Update Required

UPDATED: 1/15/2019

On July 15th, 2020, Polycom VVX Series and Trio 8800/8500 devices used with Skype for Business Online, Skype for Business Hybrid, or Microsoft Teams that have not been updated to support Microsoft’s OAuth 2.0 will experience disruption.

Microsoft is requiring the use of Identity Platform 2.0, which uses OAutho2.0 authorization protocol, to increase security across their services. OAuth 2.0 is a method through which a third-party app can access web-hosted resources on behalf of a user, through a third-party application ID.

Polycom has released firmware updates that support the OAutho2.0 authorization protocol and include the Poly-specific application ID needed for authentication. Without this update, authentication to Microsoft services on these devices will fail.

Your IT Admin will need to grant permission to the third-party (in this case your Poly devices) to access your Microsoft services. This can be done via the consent URL at any time during the update.

What does this mean?

Specific Polycom devices—listed below—used for Skype for Business Online/Hybrid or Microsoft Teams will experience functionality issues. The effected devices include VVX Phones as well as Trio (8800, 8500), RealPresence Group Series, and CX series devices.

CX series devices will be unusable for Skype for Business Online/Hybrid or Microsoft Teams after this update.

The disruptions for non-updated devices based on platform are as follows:

  • Skype for Business Hybrid: loss of voicemail functionality and users may experience log-in errors.
  • Skype for Business Online or Microsoft Teams: devices will not authenticate and will not be functional.

What Your Organization Should Do:

  • If your organization is using Skype for Business Online/Hybrid or Microsoft Teams, determine if your organization is using any of the affected devices.
  • If your business is using an effected device, the devices must be updated prior to July 15th, 2020 with listed firmware below in order to avoid a loss in disruption.

Contact PEI for help with this update if you need assistance.

Firmware Update Versions:

Device NameFirmware VersionTimeline
Trio (8800, 8500)5.9.1AASeptember 2019
VVX Phones5.9.4September 2019
RealPresence Group Series6.2.1.1June 2019
CX5500TBDTBD

Need Help on Next Steps?

If you are unsure if these devices are in your organization or need help updating devices, please reach out to PEI at 303-974-6829 or email us at info@pei.com.

Poly FAQ:

QuestionAnswer
What happens if an upgrade to respective firmware (listed in the table above) is not performed?Effective January 15th, 2020 when users attempt to sign-in on devices that are not upgraded authentication will fail.
Would all 3PIPqualified releases (such as UC Software releases) include App ID changes proposed by Microsoft?No, only the specified and later versions in the table will have the changes. We request that customers go through the tenant wide consent first, then upgrade the device software.
What happens if device firmware is upgraded without going through the Consent URL?Impacted users’ authentication will fail to sign in; the tenant administrators are requested to perform the consent and retry the authentication.
When should tenant administrators perform the consent?Poly consent should be performed any time before upgrading the device firmware to avoid authentication failures.
If a tenant Administrator performs consent from the provided URL prior to upgrading firmware, will users have any sign-in issues?Users shall not have sign-in issues if tenant administrators perform acceptance on consent URL & then proceed with device Firmware upgrade.
Are Lync phone edition devices (CX Range) impacted by this change?Lync phones are out of support and end of life and will fail to sign-in due to lack of support for TLS 1.2.
Are the devices connecting to Skype for Business Server affected by this change?No, unless authentication is through OAuth to sign-in to the Skype for Business Server account.

To view the original version of this table, click here.

The original deadline for this update announced by Microsoft was January 15, 2020. Microsoft recently updated their original announcement to extend this deadline to July 15, 2020.

Leave a Reply

eleven + 17 =