1 of 1 people found this helpful
It's installed painlessly here on our ePO 4.6.7 servers.
It only takes a few minutes to update.
I was a bit confused as the patch refers explicitly to version 4.6.7. Yet it appears to fix 4.6.7 and EARLIER - we have 4.6.6. Anyone tried the patch against 4.6.6 ?
I think an upgrade and patch is needed, from the link:
Frequently Asked Questions (FAQs)
What is affected by this security vulnerability?
- ePO 4.5 Patch 7 and earlier
- ePO 4.6.7 and earlier
- ePO 5.1.0 and earlier
- ePO 4.6.7 with 32-bit hotfix
- ePO 4.6.8 and later
- ePO 5.1 with 64-bit hotfix
- ePO 5.1.1 and later
it dosen't list 4.6.6 with hotfix as protected so think you need to upgrade it and then patch
Have installed on our test ePO 5.1 server. It only takes 10 minutes to install and so far so good. I would install it as soon as possible as 2 of the 6 fixes have a CVSS score of 10. A CVSS score of 10 is the highest and classified as the most severe.
Yes the CVSS score being a 10 is something that caught my eye! I know my security team advised me to upgrade ASAP as soon as they saw that.