>2007 > November 21

Important Notification to our customers using software
with online update function

We appreciate your patronage of our products.
We, Digital Electronics Corporation, have recently discovered the following issue with online update function of our software, GP-Pro EX, GP-Viewer EX and Pro-Server EX. We would like to report the detailed information and solution below. We sincerely apologize for any inconvenience this may cause to our customers.

Outline

The vulnerability of the buffer overflow was found in online update function.

Affected Customers

Customers who have purchased the following software

• GP-Pro EX : Ver. 2.10.100 or lower
• Pro-Server EX : Ver. 1.22.000 or lower
• GP-Viewer EX : Ver. 1.00.100 or lower

Occurrence Condition

The issue may occur when the software written in above "Affected Customers" has been installed.

Description

The vulnerability of the buffer overflow was found in online update function. There was a problem in the module of online update which is provided by Macrovision Corporation, and an unexpected operation might be executed.

→ http://support.installshield.com/kb/view.asp?articleid=Q113602

Avoidance Method

This issue can be fixed by applying the patch for the UpdateService vulnerability using one of the following methods.

• Update from Online

Start up the GP-Pro EX/GP-Viewer EX/Pro-Server EX, and select [Confirm Update] of each product in the [Help (H)] menu bar.
For detailed procedure, please refer to the Manual.

• Update with Update Module downloaded from our website

Download the update module from the following website and update using the module.

→ Patch for UpdateService weak

* Membership Registration (free) is required for our support site "Otasuke Pro!"