Quantcast
Channel: Support Portal
Viewing all articles
Browse latest Browse all 1466

Re : What is the recommended procedure to update outdated/vulnerable Desktop Central components?

$
0
0
Depending on the vulnerability, I can see sometimes why a company doesn't want to 'advertise' the vulnerability on their website until they have a fix, provided they send out notifications to their customers when a fix is available and do so in a timely manner.

9 weeks after a fix/patch has been released from the official software provider is not an adequate response time for patching such a vulnerable component.

For anyone who wants it following this:

Here is the steps to upgrade the Open SSL version from 1.0.1i to  1.0.1j. 

  •    Download the File from the below link. 
  •     https://bonitas2.zohocorp.com/zipUploads/2014_23_12_15_43_16_p199ra400j1ib91sqs10b31ga11t4e0.tar.gz
  •    Stop the Desktopcentral Server.
  •    Go to the <Desktopcentral_Server>\apache folder
  •    Rename the folder bin\ to bin_old\ and modules\ folder to modules_old\
  •    Extract the zip and copy and paste the extracted bin\ and modules\ folder to <Desktopcentral_Server>\apache.
  •    Copy bin_old\*.csr ,bin_old\*.crtbin_old\*.key paste into bin\ folder
  •    Copy the file modules_old\mod_jk.so and modules_old\mod_jk.dll paste into modules\mod_jk.so and modules_old\mod_jk.dll.
  •    Now Start the Desktopcentral Server.

After completing the above steps, you can run the vulnerability tool to verify the same. 

Looking forward to hear from you. 

Regards,

-----
Saranraj K

I'm running Build No:90103, if that made any difference in the information that support provided me. Any problems, maybe try to upgrade to the newest hotfix first. I'm off to try it now myself.

All I ask is that you escalate this to a higher team internally to review your company policy and procedure on releasing updates for your own product and notifying your customers.

  Throughout this entire ordeal, I have felt that I have had to do most of the work just to protect myself and your software. It should be easier and much less of a hassle.





Viewing all articles
Browse latest Browse all 1466

Trending Articles