Important Security Notice for
CA ARCserve Backup for Laptops and Desktops
Last Updated: January 23, 2007
CA's Technical Support is alerting customers to a security risk associated with the CA ARCserve Backup for Laptops & Desktops product. Researchers at NGSS (www.ngssoftware.com) detected multiple remotely exploitable problems and reported the vulnerabilities to CA. We have been working with them to understand the nature of the problems and to make certain that the provided remedy addresses the problems.
CA has confirmed the presence of these vulnerabilities and has completed development of updates that provide protection against them. Upon completion of quality assurance testing, the updates were released and made available to CA customers on January 23, 2007.
The vulnerabilities involve multiple overflow conditions that can allow arbitrary code to be executed remotely with local SYSTEM privileges on Windows or cause denial of service. These issues affect the CA ARCserve Backup for Laptops & Desktops services.
Customers with vulnerable versions of the CA ARCserve Backup Laptops & Desktops product should upgrade to the latest versions which will be available for download from https://Support.ca.com on or before January 23, 2007.
|BrightStor Products |
| || CA ARCserve Backup for Laptops and Desktops r11.1 SP1 |
CA ARCserve Backup for Laptops and Desktops r11.1
CA ARCserve Backup for Laptops and Desktops r11.0
CA ARCserve Backup for Laptops and Desktops r4.0
|CA Protection Suites r2 |
| ||CA Desktop Protection Suite r2 |
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
|CA Desktop Management Suite |
| || DMS r11.0 |
Prerequisite conditions for the vulnerability to be exploitable
Fixes to apply:
BABLD r11.1 SP2 - SP2 does not contain the vulnerability, there is no fix to apply
BABLD r11.1 SP1 - QO83833
BABLD r11.0 - QI85497
DMS r11.1 - QO85401
DMS r11.0 - QI85423
BMB r4.0 - QO85402
Should you require additional information, please contact CA Technical Support at https://Support.ca.com.