Security patch for the possible privileged escalation scenarios identified in InstallShield
Summary
Adding an InstallScript custom action to a Basic MSI or InstallScript MSI project causes a few binaries to be extracted to a predefined, writable folder at installation time. A standard user account has write access to these files and folders, so replacing them while the installation is running can lead to a DLL hijacking vulnerability. Revenera has issued a security patch to correct this flaw.
Resolution
This security fix avoids using known folders and only extracts to a new random secured folder every time the setup is launched. These secured folders have proper access controls so that the standard user cannot access them in all possible scenarios.
Patch for InstallShield 2022 R2
To apply the fix, download the InstallShield 2022 R2 Security Patch.exe and run it on the machine that has either InstallShield 2022 R2 or Standalone Build (SAB) products installed.
To run the patch installation silently:
- Download the InstallShield 2022 R2 Security Patch.exe to a temporary folder on the machine on which you want to apply the fix.
- Download the IS2022R2SecurityPatch.zip file, extract the IS2022R2SecurityPatch.iss file from the .zip file, and place the IS2022R2SecurityPatch.iss file in the same folder as the ‘InstallShield 2022 R2 Security Patch.exe’ patch file.
- Open a Command Prompt window with elevated privileges. (To do so, right-click the shortcut for the Command Prompt window, and then click Run as administrator.)
- Run the following command, replacing C:\Path\ with the appropriate location:
  "C:\Path\InstallShield 2022 R2 Security Patch.exe" /s /f1"C:\Path\IS2022R2SecurityPatch.iss"
When the patch is run, it will correct all the identified security flaws in the above products that are installed on the machine.
To determine whether the InstallShield hotfix has been installed, verify that the following files have been updated to version 28.0.0.763:
<ISInstallLocation>\Redist\Language Independent\i386
- ISSetup.dll
- setup.exe
- setupPreReq.exe
- SFHelper.dll
<ISInstallLocation>\Redist\Language Independent\x64
- setup.exe
- setupPreReq.exe
- SFHelper.dll
<ISInstallLocation>\Redist\Language Independent\i386\ISP
- ISSetup.dll
- setup.exe
- Setup.ocx
<ISInstallLocation>\System
- ISSetup.dll
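The version check above can be scripted for fleet verification. The following PowerShell is an added example, not Revenera's code; it assumes -ISInstallLocation is the InstallShield or Standalone Build install root (the <ISInstallLocation> placeholder from the article) and reads the version of every file the article lists.

```powershell
<#
  Added example, not Revenera's code: confirms the InstallShield 2022 R2
  security patch is applied by reading the version of every file the KB
  lists and comparing it with 28.0.0.763.
  Assumption: -ISInstallLocation is the InstallShield or Standalone Build
  install root (the <ISInstallLocation> placeholder from the article).
#>
param(
    [Parameter(Mandatory = $true)]
    [string]$ISInstallLocation
)

$expected = [version]'28.0.0.763'

# Paths relative to <ISInstallLocation>, taken from the article's file list.
$patchedFiles = @(
    'Redist\Language Independent\i386\ISSetup.dll',
    'Redist\Language Independent\i386\setup.exe',
    'Redist\Language Independent\i386\setupPreReq.exe',
    'Redist\Language Independent\i386\SFHelper.dll',
    'Redist\Language Independent\x64\setup.exe',
    'Redist\Language Independent\x64\setupPreReq.exe',
    'Redist\Language Independent\x64\SFHelper.dll',
    'Redist\Language Independent\i386\ISP\ISSetup.dll',
    'Redist\Language Independent\i386\ISP\setup.exe',
    'Redist\Language Independent\i386\ISP\Setup.ocx',
    'System\ISSetup.dll'
)

$results = foreach ($rel in $patchedFiles) {
    $path = Join-Path -Path $ISInstallLocation -ChildPath $rel
    if (-not (Test-Path -LiteralPath $path)) {
        [pscustomobject]@{ File = $rel; Version = $null; Status = 'MISSING' }
        continue
    }
    # Build the version from the numeric parts so a FileVersion string with
    # trailing text cannot break the comparison.
    $vi = (Get-Item -LiteralPath $path).VersionInfo
    $actual = [version]::new($vi.FileMajorPart, $vi.FileMinorPart,
                             $vi.FileBuildPart, $vi.FilePrivatePart)
    $status = if ($actual -ge $expected) { 'PATCHED' } else { 'UNPATCHED' }
    [pscustomobject]@{ File = $rel; Version = $actual; Status = $status }
}

$results | Format-Table -AutoSize

# A non-zero exit code lets a deployment or compliance job flag this host.
if ($results | Where-Object Status -ne 'PATCHED') { exit 1 } else { exit 0 }
```

A MISSING entry only means the file was not found under the given root; confirm the install path before treating that host as unpatched.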
This installer did not run on our server with InstallShield 2022 R2 Standalone Build installed, but gave the error message "InstallShield 2022 R2 must be installed to run this update. The setup will now exit."
This patch did work on the workstation where the IDE is installed.
Please advise.
Hi @ch_eng2,
Thank you for contacting us. We have updated the patch installer to consider the Standalone Build (SAB) upgrade scenario. Please check now.
@Varaprasad It worked now, thank you!
@Varaprasad Is there a CVE ID associated with this?