[Incident]: Some users report they are unable to access the case portal. Please see this community notice for more information.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032

HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032

Summary

Setups built out of InstallShield use zlib version 1.2.11 which has a known vulnerability CVE-2018-25032 which is resolved in zlib version 1.2.12. Please note that the vulnerability can't be exploited when using installers built of InstallShield. The library can be exploited only during 'deflating' (compressing) process. zlib is not used for compressing when installers are run. However, we are providing a hotfix as a pre-emptive measure to ensure that installers pass through security scans without any issues

Affected InstallShield Versions

This vulnerability affects InstallShield 2021 and below

Resolution

Engineering has released a hotfix that resolves this issue by updating the old Zlib version 1.2.11 to 1.2.12

Hotfix Links

InstallShield 2021 R2: Download Hotfix

InstallShield 2020 R3 SP1: Download Hotfix

InstallShield 2019 R3: Download Hotfix

InstallShield 2018 and below: Customers are encouraged to upgrade to InstallShield 2019 or above

Labels (2)
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎May 05, 2022 05:47 AM
Updated by:
Contributors