basicsgogl.blogg.se

1. #Cisco webex productivity tools update serial number#
2. #Cisco webex productivity tools update install#
3. #Cisco webex productivity tools update update#
4. #Cisco webex productivity tools update upgrade#
5. #Cisco webex productivity tools update download#

Users can update the Cisco Webex Meetings Desktop App by launching the Cisco Webex Meetings application and clicking the gear icon in the top right of the application window and then choosing the Check for Updates entry from the drop-down list. This vulnerability is fixed in Cisco Webex Meetings Desktop App Release 33.6.4 and later releases. Fixed Releases Cisco Webex Meetings Desktop App (Cisco Webex Meetings Suite WBS33)

#Cisco webex productivity tools update serial number#

If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.Ĭustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:Ĭustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release.

#Cisco webex productivity tools update upgrade#

When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. In most cases this will be a maintenance upgrade to software that was previously purchased.

#Cisco webex productivity tools update download#

By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:Īdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner.

#Cisco webex productivity tools update install#

Customers may only install and expect support for software versions and feature sets for which they have purchased a license.

This is also documented in the article Check the Cisco Webex Productivity Tools Version for Windows.Ĭisco has released free software updates that address the vulnerability described in this advisory. To determine whether a vulnerable version of Cisco Webex Productivity Tools is installed on a Windows machine, users can right-click the Webex Productivity Tools icon on the Windows taskbar and select About from the menu a popup window displaying the currently installed version will open. This is also documented in the article Check the Cisco Webex Meetings Desktop App Version.

menu entry a popup window displaying the currently installed version will open. To determine whether a vulnerable version of Cisco Webex Meetings Desktop App is installed on a Windows machine, users can launch the Cisco Webex Meetings application and click the gear icon in the top right of the application window, then choose the About. This vulnerability affects all Cisco Webex Meetings Desktop App releases prior to 33.6.4, and Cisco Webex Productivity Tools Releases 32.6.0 and later prior to 33.0.6, when running on a Microsoft Windows end-user system. This advisory is available at the following link: A new fix was developed, and the advisory was updated on November 27, 2018, to reflect which software releases include the complete fix. There are no workarounds that address this vulnerability.Īfter an additional attack method was reported to Cisco, the previous fix for this vulnerability was determined to be insufficient. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools.Ĭisco has released software updates that address this vulnerability. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges.

An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. The vulnerability is due to insufficient validation of user-supplied parameters. A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user.