Reply
F-Secure
Jenni
Posts: 780
Registered: ‎19-03-2013

F-Secure publishes hotfix on security vulnerability in DLL component

F-Secure has published a hotfix regarding a security vulnerability in a legacy DLL component.

 

Under certain circumstances, affected products may allow arbitrary connections to the ODBC drivers, leading to remote code execution.

 

Affected products and versions:

  • F-Secure Anti-Virus for Microsoft Exchange Server 9.00 - 9.10
  • F-Secure Anti-Virus for Windows Servers 9.00
  • F-Secure Anti-Virus Citrix Servers 9.00
  • F-Secure Email and Server Security 9.20
  • F-Secure Server Security 9.20
  • Solutions based on F-Secure Protection Service for Business Email and Server Security 9.00 - 9.20 (automatically updated)
  • Solutions based on F-Secure Protection Service for Business Server Security 9.00 - 9.20 (automatically updated)

For more information on the hotfix, refer to the Security Advisory FSC-2013-1.

 

Feel free to post questions or discuss about this hotfix in this thread.

Has somebody helped you? Give Kudos as a way to say "thanks!"
Has your issue been solved? Mark the post using the "Accept as Solution" button to let others know.
Trusted Contributor
etomcat
Posts: 212
Registered: ‎23-03-2012

Re: F-Secure publishes hotfix on security vulnerability in DLL component

Hello,

 

Knowledge base text fails to mention whether a reboot is needed post-fix? That is one very important piece of info for server-side products!

 

Best regards:

Tamas Feher, 2F 2000, Hungary.

F-Secure
F-Secure
Vad
Posts: 237
Registered: ‎11-08-2011

Re: F-Secure publishes hotfix on security vulnerability in DLL component

Hello Tamas,

 

Thank you for pointing to this. Reboot is not required after installation of this fix.

 

Best regards,

Vad