+1 vote

Recently an important security issue was identified that impacts all known Efficy versions. The issue is related to inline SQL parameters that could allow an Efficy user to run unwanted update or delete statement in the database.

In recognition of the severity of this problem we have decided to release patches for the COM+ server for Efficy releases since 2012.

The following patched COM+ servers have been made available on the FTP server:

  • Efficy 11.2 EfficyServer 11.2.17771.dll
  • Efficy 11.1 EfficyServer 11.1.17772.dll
  • Efficy 11.0 EfficyServer 11.0.17773.dll
  • Efficy 10 SP2+ DServerDll 10.2.17791.dll
  • Efficy 10 SP1 DServerDll 10.1.17790.dll
  • Efficy 10 DServerDll 10.0.17792.dll
  • Efficy 2014 (6640) DServerDll 8.0.17794.dll
  • Efficy 2012 Summer DServerDll 7.0.17793.dll

We strongly recommend installing these patches on all production servers as soon as possible.
We apologize for the inconvenience.

Cheers,
Robert

asked ago in Partners by (836 points)
Sorry for all the work :-)

Please log in or register to answer this question.

Welcome to Efficy Overflow, where you can ask questions and receive answers from other members of the community.
1,166 questions
1,424 answers
1,715 comments
325 users