Progress ANSWERWORKS SECURITY UPDATE User Manual
AnswerWorks Security Update for OpenEdge
10.1A and 10.1B
Progress Software Corporation has been notified by Vantage Corporation regarding a
security vulnerability in the AnswerWorks Desktop runtime application that is installed with
OpenEdge Release 10.1A and OpenEdge Release 10.1B (Windows platforms only).
AnswerWorks provides the "Ask Me" tab in the MS HTML Help interface that allows you to
search the help (.CHM) files using a natural language query.
There have been no known exploits or reports of this issue to Vantage, OEM customers,
or end users. This patch is proactive to any efforts to exploit this vulnerability. Progress
Software Corporation has evaluated the security issue and has determined that the risk to
our customers is minimal. However, we do recommend that you eliminate the security risk
by doing the following:
If you are... Then do this...
Running OpenEdge 10.1A
Download the attached .zip file and do the
following:
1. Extract the contents of the .zip file into
a temporary directory, such as c:\temp.
Three files are extracted: AW4KillBit.reg,
awApi4.dll, and setup.bat.
2. Double-click the setup.bat file.
Verify that the update was successful by
doing the following:
1. Right-click your Start menu and select
Explore.
2. Go to c:\Program Files\Common
FilesAnswerWorks 4.0.
3. Right-click the AWAPI4.dll file and select
Properties.
Generated by Clearspace on 2010-12-17-05:00
1
AnswerWorks Security Update for OpenEdge 10.1A and 10.1B
4. Click the Version tab. If the file version is
4.0.0.101 the patch was installed successfully.
Running OpenEdge 10.1B Install the 10.1B03 service pack
On December 10, 2007 Microsoft released a security update to Internet Explorer that will
disable AnswerWorks (the "Ask Me" tab in the HTML Help systems) from functioning if you
have not already updated your OpenEdge 10.1A or 10.1B software as described in the table
above. If this occurs, simply follow the instructions above to update your software and reĀenable the AnswerWorks functionality.
Generated by Clearspace on 2010-12-17-05:00
2
Loading...