• InstallShield vulnerability (CVE-2016-2542)
  • Active X controls
    		•

    Ibm® Sterling Connect: Direct




    Download 84,26 Kb.
    bet2/47
    Sana24.03.2021
    Hajmi84,26 Kb.
    #13516
    1   2   3   4   5   6   7   8   9   ...   47
    Important Notices


    • IBM Sterling Connect:Direct for Microsoft Windows 4.7.0.6 introduced support for 'Operator' user local functional authority type. To support this functionality both, Sterling Connect:Direct Requester and Sterling Connect:Direct for Microsoft Windows server must be upgraded to 4.7.0.6, 4.8.0.1, 6.0.0.2 or later.



    • An InstallShield vulnerability (CVE-2016-2542) was disclosed by Flexera, which affects all base, fix pack and iFix installers prior to IBM Sterling Connect:Direct for Microsoft Windows 4.7.0.4. The vulnerability was address in version 4.7.0.4 and later. For more information, and when installing a version prior to 4.7.0.4, review the security bulletin at http://www.ibm.com/support/docview.wss?uid=swg21979075:
      Security Bulletin: Vulnerability in InstallShield affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2016-2542)



    • There have been some reports of antivirus software detecting a threat within Sterling Connect:Direct for Windows, resulting in the normal operation of Connect:Direct being blocked. IBM believes the threat results to be a false positive. You should ensure that you have the latest updates for your antivirus software and in case of any questions, please contact IBM Technical Support.



    • Starting with version 4.7.0.5, CD Secure+ Admin Tool (SPAdmin) and CD Secure+ CLI (SPCli) will display warnings when deprecated cipher suites or protocols are configured. Since these cipher suites and protocols can expose your node to known vulnerabilities, it is highly recommended that you update your Secure+ configuration accordingly. Please not that deprecated cipher suites and protocols may be disabled in a future update.



    • When applying an iFix or fix pack to IBM Sterling Connect:Direct for Microsoft Windows installed in a failover cluster environment, run the installer executable on each machine in the cluster where the product is installed. Follow the instructions outlined in the cluster white paper at http://www-01.ibm.com/support/docview.wss?uid=swg27040600:
      Deploying IBM Connect:Direct in a Microsoft Windows Failover Cluster



    • When installing or updating IBM Sterling Connect:Direct SDK for Windows and using the Active X controls, verify that the CDStats.ocx and CDSubmit.ocx components are registered correctly. If they do not function properly, use regsvr32.exe to first unregister and then register these components again.



    Download 84,26 Kb.
    1   2   3   4   5   6   7   8   9   ...   47




    Download 84,26 Kb.