Manualshelf

Installation guide

ManualsBrandsVector ManualsComputer equipmentPC-Duo
45678910111213
Release Notes PC-Duo 12.5 11
o Only peer-to-peer or Gateway-managed connections within the
same domain are vulnerable to this defect, but most corporate
domains are protected and considered safe environments.
o Proxy data, while not encrypted, is encoded in a proprietary
format and compressed, so intercepting and decoding that data
would not be a casual challenge. Also note that this defect does
not affect the initial connection between Proxy components.
o The initial connection between Proxy components is not affected
by this defect, so connections made to accomplish one and only
one task will not be affected.
Upgrade to version 11.6. This maintenance release contains a fix for
the root cause of the defect. The fix will enforce encryption when a 11.6
Proxy “client” (typically Master in peer-to-peer connections, or the Master
connecting to a Gateway in the first half of a Gateway-managed
connection, and the Gateway connecting to a Host in the second half)
communicates with a 11.6 or older component. Customers should
upgrade all Proxy components to 11.6 in order to ensure persistent
enforcement of encryption on their connections. At a minimum,
customers should upgrade Masters (and Gateways if present) to 11.6 to
ensure encryption is enforced. Hosts can be a client in reverse
connections but those are not affected by this defect. If a 11.6 or older
Proxy client application tries to connect to a 11.6 Host, and encryption is
requested but not enforced, the connection will be terminated and a new
error code generated (0xC004DEAD).
Registry modification to existing Proxy components. For customers
with Proxy components from version 10.0 through 11.6, a simple registry
patch can be used to work around this defect. (Note: Customers with
Proxy components from version 10.0 must either upgrade (at least the
clients) to 11.6 or take no action.) As with the upgrade option, customers
should apply the registry patch to all computers running Proxy software,
but at a minimum, customers must apply the patch to Masters (and
Gateways if present). Also note that customers must monitor deployment
of new Masters and Gateways, and ensure that registry patch is applied
if 11.6 (or later) software is not used. If a new Master or Gateway comes
online and the patch is not applied, the defect may be active and will not
be noticeable.
o The registry setting for Windows x86 systems is:
[HKEY_LOCAL_MACHINE\SOFTWARE\Funk Software, Inc.\Proxy
v5\Transport] "ShareSession"=dword:00000000
o The registry setting for Windows x64 systems is:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Funk Software,
Inc.\Proxy v5\Transport] "ShareSession"=dword:00000000
Following table summarizes the impact of different mitigation options: