Quantcast
Channel: Shavlik User Community : Document List - All Communities
Viewing all articles
Browse latest Browse all 1352

Change in CVE syntax will break Protect without Patch 2 installed for Protect 9.0 and 9.1

$
0
0

Overview


There have been an incredibly large number of vulnerabilities this year, which unfortunately is going to cause asyntax change in MITRE CVE-ID.   The current syntax will max out at 9,999 vulnerabilities, so the change is to start adding additional digits.  When the CVE count breaks 10,000, MITRE will be adding an extra digit onto the end of their CVE-IDs.  The resulting CVE change will drive a change in how we import content for Shavlik Protect 9.1 and 9.0.

 

The deadline for the change is January 15, 2015, but due to the high volume of vulnerabilities releasing this year the change in format may be forced upon us early.  We have released an update for Protect 9.1 and are working on the Protect 9.0 update to prevent the format change from causing issues.  The patch will prevent import of new content from failing, avoiding an inconvenience to our customers.  Protect 9.1 Patch 2 is available now and the Protect 9.0 Patch 2 will be coming in the next couple of weeks. Although the updates do not include a security fix, this is a critical bug fix to avoid a customer outage. 

 

To upgrade you can follow the instructions below based on version of Protect. 

 

Upgrade Protect 9.1 to Patch 2:

 

Upgrade Protect 9.0 to 9.1 Patch 2 or 9.0 Patch 2:

  • (Recommended) For 9.0 customers you will now see that auto update to 9.1 Patch 2 is enabled in product.  You can click the auto update link in the bottom right corner of Protect when you open it and it will download the full installer upgrading you to Protect 9.1 Patch 2.

  You must be on a Windows 7 or 2008 r2 x64 or later OS to upgrade to Protect 9.1. 

 

  • If you are unable to upgrade to Protect 9.1 Patch 2 at this time we are in the process of releasing a similar fix for Protect 9.0.  This update will be coming in a few of months and can be applied very easily to Protect 9.0.  The change is entirely database schema related so no binaries are updated on Protect 9.0 console. 

 

  If you have not applied Patch 2 for either version, there will be a point in the not too distant future where you may not be able to import new content.  We would like to avoid this as much as you would, so plan for this patch update as soon as possible. 

 

Additional Information

 

Release notes for Patch 2 for Protect 9.1: Shavlik Protect Standard/Advanced 9.1 Patch 2 Release Notes

Release notes for Patch 2 for Protect 9.0: This will be update once the patch is released.

 

Products

 

Protect 9.x



Viewing all articles
Browse latest Browse all 1352

Trending Articles