F-Secure Internet Gatekeeper hotfixes

Subscribe
Subscribe to Maintenance Release Notification Mailing Lists

Important
If you have a product whose version is no longer supported, it is recommended that you upgrade the product to its latest version. To view the list of supported F-Secure products, click here. To upgrade your product to its latest version, visit F-Secure® WebClub.

What to download?
Click this icon to download the hotfix for a stand-alone installation of an F-Secure product.
Click this icon to download the hotfix for a centrally administrated environment.

For important information about the hotfix installation, please refer to the hotfix installation FAQ.

F-Secure Internet Gatekeeper version 6.61

• All supported Windows platforms

This hotfix solves the following archive handing vulnerability: specially crafted archives can cause a product malfunction which may lead to unhandled exceptions visible as product crash, hang and/or possible remote code execution.

This vulnerability is described in more detail in FSC-2008-2.

Release notes for this hotfix can be found here.

Note: A reboot is not required after installing the hotfix.

F-Secure Internet Gatekeeper 6.61

• All supported Windows platforms

This hotfix solves a problem where specially crafted CAB and RAR archives can bypass antivirus scanning.

These vulnerabilities have been described in security advisory FSC-2008-1.

Release notes for this hotfix can be found here.

Note: A reboot is not required.

F-Secure Internet Gatekeeper 6.60

• All supported Windows platforms

This hotfix solves the following vulnerability:

• Several F-Secure products have a buffer overflow vulnerability in processing LHA archives. This may allow an attacker to execute arbitrary code or to create a denial-of-service condition. This vulnerability is related to a similar vulnerability in GZIP program’s handling of LZH-compressed archives.

Release notes for the hotfix can be found here.

This vulnerability is described in the following F-Secure Security Bulletin: FSC-2007-1.

OpenSSL has released a security advisory on several vulnerabilities. These OpenSSL vulnerabilities may cause Denial of Service, buffer overflows or crashes in applications using the OpenSLL libraries. F-Secure Internet Gatekeeper 6.60 employs the OpenSSL libraries in F-Secure Web Console and is only affected by the possible ASN.1 related DoS attack (CVE-2006-2937). Applying this hotfix removes the vulnerability.

This hotfix solves also two other issues with the Web Console. In some situations certain DNS settings and topologies may cause instability or slowness of the web console. These issues have been solved with this hotfix.

If you use earlier versions of the products, please download and install the latest version. The latest version of F-Secure Internet Gatekeeper is 6.60.

F-Secure strongly recommends to apply this hotfix. Release notes for the hotfix can be found here.

For more detailed information aboout the OpenSSL vulnerability, please see the related F-Secure Security Bulletin FSC-2006-6.

This hotfix solves two problems:

1. The product may report a failure when processing messages with invalid characters in domain names. These failures have occurred when the product has processed messages with invalid characters in domain names.

2. Problems when notifying sender about stopped message. These problems may occur when the action on infected or disallowed attachments has been set to "Stop the Whole Message" and notifications about this has been set to be sent to the sender. In this kind of a configuration the product may report "cannot be written due to The operation completed successfully" error message.

Applying this post-release fix is strongly recommended. Release notes for this hotfix can be found here.