Important: Please update all Winthrop Products to resolve an Installer Security Vulnerability

Winthrop Development Consultants was recently notified by InstallAware, the supplier of the installer software used for the distribution packages for all our products, that a Security Vulnerability was identify in their product. They have released a new version that resolves the issue.

However, the issue will exist on all machines that have used an installer built with the previous compromised versions of their installer software.

Using the newly fixed installer software, we have created and released new builds of all our products which should be installed at all customer and partner sites as soon as possible.

As a bonus, installing the new builds will give you access to all the latest enhancements, features and fixes.

Note: All workstations in a system must be updated to the new builds at the same time.

Below is the information from the product release notices:

Installer Critical Update

Critical Update: The InstallAware software used to create the installers for our products has been updated to resolve a recently identified critical DLL preloading vulnerability. As a copy of the installer remains on the machine for maintenance, update, removal, and repair tasks, the risk is ongoing until the system is updated with the fixed installer.

Please see the release notices for the new builds:

• #GPPT GP Power Tools build 29.1 released
• #BPST Batch Posting Service Toolkit build 12.1 released
• #VSIT Visual Studio Integration Toolkit build 17.1 released

Please update all workstations and servers where GP is installed to these latest builds as soon as possible.

David

This article was originally posted on http://www.winthropdc.com/blog.