F-Secure publishes hotfix on security vulnerability in DLL component

F-Secure has published a hotfix regarding a security vulnerability in a legacy DLL component.

Under certain circumstances, affected products may allow arbitrary connections to the ODBC drivers, leading to remote code execution.

Affected products and versions:

F-Secure Anti-Virus for Microsoft Exchange Server 9.00 - 9.10
F-Secure Anti-Virus for Windows Servers 9.00
F-Secure Anti-Virus Citrix Servers 9.00
F-Secure Email and Server Security 9.20
F-Secure Server Security 9.20
Solutions based on F-Secure Protection Service for Business Email and Server Security 9.00 - 9.20 (automatically updated)
Solutions based on F-Secure Protection Service for Business Server Security 9.00 - 9.20 (automatically updated)

For more information on the hotfix, refer to the Security Advisory FSC-2013-1.

Feel free to post questions or discuss about this hotfix in this thread.

Find more posts tagged with

Hello Tamas,

Thank you for pointing to this. Reboot is not required after installation of this fix.

Best regards,

Vad

Hello,

Knowledge base text fails to mention whether a reboot is needed post-fix? That is one very important piece of info for server-side products!

Best regards:

Tamas Feher, 2F 2000, Hungary.