24-04-2013 12:44 PM
F-Secure has published a hotfix regarding a security vulnerability in a legacy DLL component.
Under certain circumstances, affected products may allow arbitrary connections to the ODBC drivers, leading to remote code execution.
Affected products and versions:
- F-Secure Anti-Virus for Microsoft Exchange Server 9.00 - 9.10
- F-Secure Anti-Virus for Windows Servers 9.00
- F-Secure Anti-Virus Citrix Servers 9.00
- F-Secure Email and Server Security 9.20
- F-Secure Server Security 9.20
- Solutions based on F-Secure Protection Service for Business Email and Server Security 9.00 - 9.20 (automatically updated)
- Solutions based on F-Secure Protection Service for Business Server Security 9.00 - 9.20 (automatically updated)
For more information on the hotfix, refer to the Security Advisory FSC-2013-1.
Feel free to post questions or discuss about this hotfix in this thread.
Has your issue been solved? Mark the post using the "Accept as Solution" button to let others know.
29-04-2013 10:56 AM
Knowledge base text fails to mention whether a reboot is needed post-fix? That is one very important piece of info for server-side products!
Tamas Feher, 2F 2000, Hungary.