Relius Desktop Critical Vulnerability
Hello –
The Relius Desktop client has a dependency on a critical (CVSS 10) vulnerability, as identified by Tenable/Nessus, related to the MSXML.dll version. It currently uses version 4, which went end of life in 2006. When we try to remediate the vulnerability on our machines, Relius no longer functions. Have any of you encountered this and/or how have you mitigated the risk of this vulnerability?
Current response from Relius is that they do not have a plan to remediate the vulnerability, and I’m not sure if it still exists in 2020.1, etc. We have not yet upgraded.
Here are a couple reference links.
https://www.tenable.com/plugins/nessus/62758
https://support.microsoft.com/en-us/help/269238/list-of-microsoft-xml-parser-msxml-versions
21 Views