Data Innovations® (DI) announces the availability of Instrument Manager (IM) 2020 MR3 (v8.17.32), commonly referred to as IM 2020 MR3. This patch release includes updates to improve the security posture of Instrument Manager.
These security updates are not a response to a customer complaint or a product recall. These updates are part of our IM hardening activities. DI employs industry tools that detect potential vulnerabilities.
The IM 2020 MR3 patch (v8.17.32) is the easiest path for adopting these security enhancements. This patch addresses the following:
- Improper Authorization – Insufficient Access Control – Under certain conditions a user could receive escalated privileges which can result in access to personally identifiable information.
- DLL Hijacking – Under certain conditions a user could be allowed to inject malicious DLL (dynamic-link library) files.
This announcement is being made to our DI business partners and direct end-user customers. To prevent disclosure of information that might expose our customers to unnecessary risk, DI maintains strict policies not to discuss the technical details of any security vulnerability.
As always, we strongly encourage you to upgrade your IM installation to the most recent version available. If you are currently utilizing IM version 8.16.20 or older, these IM versions are considered legacy versions. IM versions older than 8.16.20 were developed and validated on technologies that are no longer sold or supported.
In addition to the standard security and system updates, every version of Instrument Manager includes new and updated features. Review our version history to see the list of new features you will receive when you upgrade to IM 2020 MR3 (v8.17.32).
For more information about Instrument Manager, go to www.datainnovations.com or contact our regional Sales & Marketing Departments. If you purchased Instrument Manager from one of our business partners, please contact them for support.