Search
  • aaronfleming

Critical Advisory: Update required to address iManage Work Server security vulnerability

StartFragment

This notice applies to iManage Work on-premises environments running iManage Work Server version 9.5 R2 through to 10.2.0.x.

iManage performs security testing as part of their standard quality assurance process. This vulnerability was identified during their most recent round of testing, prompting immediate actions to identify the root cause and to initiate a remediation plan for all affected iManage customers. The impacted versions of iManage Work Server are installed in on-premises environments. This vulnerability requires the immediate application of an update, or upgrade to the latest release, to avoid a potential breach. iManage has done the following:

  • Removed all affected iManage Work Server installation packages from Help Center.

  • Released a security patch update for some of the versions of iManage Work Server affected by this issue (9.5 R2 through to 10.1.3). NOTE: The security patch update will stop and restart the iManage Work Server service.

  • Released a new build of iManage Work Server 10.2.0 (10.2.0.186) that contains the required security update. The new build is available on the iManage Work Server 10.x release page.

  • StartFragmentNOTE: In addition to releasing the iManage Work Server 10.2.0.186 full installer, we are also planning to release a patch installer for iManage Work Server 10.2.0.x versions. We will advise when an update for the 10.2.0.x patch installer is available.EndFragment

What to do?

We have emailed everyone with a plan of attack to support you on this. We will provide the following

  • Delete existing copies of affected iManage Work Server installations and ensure that you do not use any previously downloaded installation packages in your environment including development, testing, and production environments

  • Contact Next Page for assistance in applying the patch update or upgrading to the latest build (depending on the current environment)

  • To review the complete advisory, please click here.

Please note: This software patch is covered under your iManage maintenance however installation will be charged on a time and materials basis. If you currently have a service level agreement (SLA) in place with us installation will be covered. To find out more about this service please contact Next Page support.

EndFragment

29 views