API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 26th, 2019
218
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.70 KB | None | 0 0
raw download clone embed print report
  1.  
  2.  
  3. Target audience: This notice applies to iManage Work on-premises environments running iManage Work Server version 9.5 R2 through 10.2.0.
  4.  
  5. On this page:
  6.  
  7. Issue description
  8. Background
  9. Action
  10. Disclaimer
  11. Remember to Follow for updates
  12.  
  13. Issue description
  14.  
  15. A security vulnerability was discovered in iManage Work Server during security testing. The impacted versions of iManage Work Server are installed in on-premises environments.
  16.  
  17. This vulnerability requires the immediate application of a patch update to avoid a potential breach.
  18. Background
  19.  
  20. iManage performs security testing internally and through third-party resources as part of our standard quality assurance process. This vulnerability was identified during our most recent round of testing, and consistent with iManage Security Policy it prompted immediate actions to identify the root cause and to initiate a remediation plan for all customers.
  21.  
  22. For our customers' protection, we reserve the right to not disclose or discuss security issues and the details thereof until we confirm the identified security vulnerability has been remediated with the necessary patch update(s) for all impacted customers.
  23. Action
  24.  
  25. In this section:
  26.  
  27. Actions taken by iManage for on-premises customers
  28. Actions to take in your on-premises environment
  29.  
  30.  
  31. Actions taken by iManage for on-premises customers
  32.  
  33. iManage has taken the following steps to remediate this issue for iManage Work on-premises customers:
  34.  
  35. Released a security patch update for the versions of iManage Work Server affected by this issue. See Actions to take in your on-premises environment.
  36. Released a new build of iManage Work Server 10.2.0 (10.2.0.186) that contains the required security update. The new build is available on the iManage Work Server 10.x release page.
  37. Removed all affected iManage Work Server installation packages from Help Center.
  38.  
  39. NOTE: In addition to the new build of iManage Work Server 10.2.0 (10.2.0.186) that is now available, we are evaluating a re-release of full installation packages for other versions affected by this issue.
  40.  
  41. Click Follow at the top of this advisory page to receive email updates about this pending action item and all other news for this critical issue.
  42.  
  43.  
  44. Actions to take in your on-premises environment
  45.  
  46. Please complete all steps listed in the following sections:
  47.  
  48. Delete existing copies of affected iManage Work Server installations.
  49. Download the security patch update.
  50. Install the security patch update.
  51. Validate the patch update.
  52.  
  53.  
  54.  
  55. 1. Delete existing copies of affected iManage Work Server installations.
  56.  
  57. Delete any copies of installation packages you previously downloaded for versions of iManage Work Server impacted by this issue.
  58. Ensure that you do not use any previously downloaded installation packages in your environment including development, testing, and production environments.
  59.  
  60.  
  61.  
  62. 2. Download the security patch update.
  63.  
  64. Download iManage Work Server 10.2.0.186 to update all on-premises Work Server 10.2.0.x versions.
  65.  
  66. Download the security patch update that applies to the on-premises 9.5 R2 - 10.1.3 versions of iManage Work Server and complete the steps provided in the Install the security patch update and Validate the security patch update sections below.
  67.  
  68. iManage Work Server versions
  69.  
  70.  
  71. Security patch update
  72. 10.2.0 (10.2.0.122 - 10.2.0.175)
  73.  
  74. Download and install
  75. Work Server 10.2.0.186.
  76.  
  77. See iManage Work Server 10.x for installation and release notes downloads.
  78. 10.1.3
  79.  
  80. Download
  81. 10.1.2 (10.1.2.42 - 10.1.2.45)
  82. 10.1.1
  83. 10.1
  84. 10.0.2
  85. 10.0.1
  86. 10
  87. 9.5 R2
  88.  
  89.  
  90.  
  91. The iManage Work Server Security Update 2019-06-25.zip file download contains two security patch files:
  92.  
  93. iManage Work Server Security Update 20190625 Verbose.exe - Patch installation loads in the Windows PowerShell console, requires acknowledgement to begin the installation process, and records status messages in the console window.
  94. iManage Work Server Security Update 20190625 Silent.exe - Patch installation runs silently and requires no additional interaction to begin the installation process.
  95.  
  96.  
  97.  
  98. 3. Install the security patch update.
  99.  
  100. Follow the steps below to install the security patch update according to your desired installation type:
  101.  
  102. Install the security patch update using the Verbose patch
  103. Install the security patch update using the Silent patch
  104.  
  105. The installation steps assume you downloaded the iManage Work Server Security Update 2019-06-25.zip file referenced in the Download the security patch update section.
  106.  
  107.  
  108.  
  109. Install the security patch update using the Verbose patch (iManage Work Server Security Update 20190625 Verbose.exe)
  110.  
  111. To install the security patch update using the iManage Work Server Security Update 20190625 Verbose.exe file, complete the following steps on each iManage Work Server in your environment.
  112.  
  113. NOTE: The security patch update stops and restarts the iManage Work Server service.
  114.  
  115. Extract the contents of the iManage Work Server Security Update 2019-06-25.zip file to your Work Server machine.
  116. Open the iManage Work Server Security Update 2019-06-25 folder found in the extracted ZIP file contents.
  117. Double-click the iManage Work Server Security Update 20190625 Verbose.exe file.
  118. Type y and press Enter in the Windows PowerShell console when prompted to start the patch installation process.
  119. Follow the status messages recorded in the Windows PowerShell console until the installation process finishes and close the console window.
  120.  
  121.  
  122.  
  123. Install the security patch update using the Silent patch (iManage Work Server Security Update 20190625 Silent.exe)
  124.  
  125. To install the security patch update using the iManage Work Server Security Update 20190625 Silent.exe file, complete the following steps on each iManage Work Server in your environment.
  126.  
  127. NOTE: The security patch update stops and restarts the iManage Work Server service.
  128.  
  129. Extract the contents of the iManage Work Server Security Update 2019-06-25.zip file to your Work Server machine.
  130. Open the iManage Work Server Security Update 2019-06-25 folder found in the extracted ZIP file contents.
  131. Double-click the iManage Work Server Security Update 20190625 Silent.exe file.
  132. (Optional) Open the System log in Windows Event Viewer and verify that the installation recorded the following Information level status messages:
  133.  
  134. Starting iManage Work Server patching. Stopping Work Server service.
  135.  
  136. Finished iManage Work Server patching. Started Work Server service.
  137.  
  138.  
  139.  
  140. 4. Validate the patch update.
  141.  
  142. We will release a patch update validation tool in the near future.
  143.  
  144. Click Follow at the top of this advisory page to receive an email update once the patch validation tool is available in Help Center.
  145.  
  146.  
  147. Disclaimer
  148.  
  149. The information provided is provided "as is" without warranty of any kind. iManage disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall iManage be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if iManage has been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
  150. Remember to Follow for updates.
  151.  
  152. If you haven't already subscribed to receive iManage Support notifications, complete these two quick steps to stay informed regarding iManage Support news, advisories, upcoming events, and training:
  153.  
  154. Open the iManage Support Announcements section of Help Center.
  155. Click Follow > New articles and comments.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!