Original Release: May 3, 2019 | Last Revised: May 9, 2019
Using an exploit to forcibly update configuration data, the PrinterLogic Client can be directed to bypass HTTPS hardening or directed to another PrinterLogic Server. The PrinterLogic Client does not correctly verify the origin and integrity of updates. An attacker who successfully exploits these vulnerabilities could run arbitrary code in the context of the Local System Account.
This solution prevents Man-in-the-Middle (MITM) attacks where bad actors may attempt to spoof a trusted entity by tricking the PrinterLogic Server into connecting to a malicious host. To reduce any attempt at MITM attacks, you must configure your PrinterLogic Server to use the HTTPS protocol as described below:
1. Follow the steps outlined here: HTTP and HTTPS Configuration Steps.
2. Next, make sure your homeURL is updated to HTTPS. For more information, see Update the Client’s HomeURL.
3. In addition, you need to apply the client update described below to secure your PrinterLogic environment.
This solution addresses vulnerabilities related to properly verifying the origin and integrity of the PrinterLogic Client code, as well as sanitizing special characters that could lead to unauthorized changes to configuration files. To address these issues, apply the latest PrinterLogic software update as described below:
1. Download the update from: PrinterLogic Security Update.
2. On the PrinterLogic Server, navigate to C:\inetpub\wwwroot\public\client\setup.
3. Make a backup copy of your existing PrinterLogic Client files before replacing them.
4. Copy and replace the PrinterLogic Client installation files with the new files provided in the download.
5. Navigate to your PrinterLogic Admin Console and enable the automatic update option to update your clients. If you want to push out the clients via GPO or using a software deployment tool, follow these instructions.
6. To validate the update, check to see that the client for each workstation has been updated to the new version by navigating to Tools → Reports → Workstations from the PrinterLogic Admin Console. Click Search to run a report for workstations in your environment. Verify that the numbers in the Client Version column are at least as recent as the numbers shown below
– Windows: 126.96.36.199 or higher
– Mac: 188.8.131.524 or higher
– Linux: 184.108.40.2064 or higher
If you have questions about these solutions, contact PrinterLogic Product Support for assistance.