Thursday, July 29, 2010

Vulnerabilities In Lotus Notes File Viewers

IBM has released an update for Lotus Notes email client. The update fixes vulnerabilities that are related to way how Notes handles file attachments. By exploiting these vulnerabilities it may be possible to execute arbitrary code in vulnerable system.

Affected versions are:
- Lotus Notes 8.5 series prior version 8.5.1 Fix Pack 4
- Lotus Notes 8.0 series prior version 8.0.2 Fix Pack 6
- Lotus Notes 7 series
- Lotus Notes 6.5 series
- Lotus Notes 5 series

Solution:
IBM recommends to install Lotus Notes 8.0.2 Fix Pack 6 or Lotus Notes 8.5.1 Fix Pack 4. If that's not possible then workarounds can be used. More about these and other details can be read from related support document.

No comments: