Fixlet Site - UpdatesforWindowsApplications
Current Version: 212	Published: Mon, 13 Jul 2009 20:37:22  GMT

New Fixlets:
============

***************************************************************
Title: WinZip 10.0 Available
Severity: Critical
Fixlet ID: 10011001
Fixlet Link: http://www.winzip.com

Fixlet Description: WinZip Computing has released WinZip 10.0 build 7245, a critical update to all installations of WinZip 10.0. This build addresses a security vulnerability that exists in one of its component modules. This vulnerability could allow a remote attacker to execute arbitrary code on a system with an unpatched installation of WinZip 10.0 if the user was to visit a malicious web page. While there are no known exploits as of this announcement, WinZip 10.0 users are strongly urged to update to build 7245, due to the critical nature of the vulnerability. 

Important Note: WinZip 10.0 is not a free upgrade for users running WinZip 9.0 or earlier. Please see this page for more information. Note that this Fixlet message will only become relevant for computers on which WinZip 10.0 or greater is installed.

Important Note: The installer deployed by this Fixlet message will automatically shut down any running instances of WinZip. If this behavior is undesirable, please run deployed actions with the caveat 'not exists running application "winzip32.exe".'

***************************************************************
Title: WinZip 10.0 Available (French)
Severity: Critical
Fixlet ID: 10011002
Fixlet Link: http://www.winzip.com/fr

Fixlet Description: WinZip Computing has released WinZip 10.0 build 7245, a critical update to all installations of WinZip 10.0. This build addresses a security vulnerability that exists in one of its component modules. This vulnerability could allow a remote attacker to execute arbitrary code on a system with an unpatched installation of WinZip 10.0 if the user was to visit a malicious web page. While there are no known exploits as of this announcement, WinZip 10.0 users are strongly urged to update to build 7245, due to the critical nature of the vulnerability. 

Important Note: WinZip 10.0 is not a free upgrade for users running WinZip 9.0 or earlier. Please see this page for more information. Note that this Fixlet message will only become relevant for computers on which WinZip 10.0 or greater is installed.

Important Note: The installer deployed by this Fixlet message will automatically shut down any running instances of WinZip. If this behavior is undesirable, please run deployed actions with the caveat 'not exists running application "winzip32.exe".'

Important Note: WinZip Computing does not offer a French version of the MSI installer for this version of WinZip. This Fixlet message will install the latest English version of WinZip 10.0, which may not be desired.

***************************************************************
Title: WinZip 11.2 Available
Severity: Critical
Fixlet ID: 10021001
Fixlet Link: http://www.winzip.com

Fixlet Description: WinZip Computing has released WinZip 11.2 SR-1, a critical update to all installations of WinZip 11. This release addresses a security vulnerability that exists in one of the modules shipped with WinZip 11. This component is not a WinZip module but rather a Microsoft module that WinZip Computing shipped for the convenience of Windows 2000 customers. Distribution files for WinZip versions 11.1 and 11.2 included an earlier gdiplus.dll which was placed in the WinZip program folder for Windows 2000 systems only. Other operating systems are not affected by these installations. Upgrading to WinZip 11.2 SR-1 or WinZip 12.1 on Windows 2000 systems will replace the earlier gdiplus.dll with a newer version that is not subject to the security vulnerability. Distribution files for WinZip version 11.0 included an earlier gdiplus.dll which was placed in the WinZip program folder without regard to operating system. Note, however, that the .DLL is only utilized by WinZip on Windows 2000 systems. Versions of WinZip prior to 11.0 are not affected by this security vulnerability. Upgrading to WinZip 11.2 SR-1 (Build 8261) or WinZip 12.1 will remove the earlier gdiplus.dll from the WinZip program folder on Windows XP or Vista systems. On Windows XP or Vista, you may simply delete the file from the WinZip folder (if it exists). 

Important Note: WinZip 11.2 is not a free upgrade for users running WinZip 10.0 or earlier. Please see this page for more information. Note that this Fixlet message will only become relevant for computers on which WinZip 11.0 or greater is installed.

Important Note: The installer deployed by this Fixlet message will automatically shut down any running instances of WinZip. If this behavior is undesirable, please run deployed actions with the caveat 'not exists running application "winzip32.exe".'

***************************************************************
Title: WinZip 11.2 Available (French)
Severity: Critical
Fixlet ID: 10021002
Fixlet Link: http://www.winzip.com/fr

Fixlet Description: WinZip Computing has released WinZip 11.2 SR-1, a critical update to all installations of WinZip 11. This release addresses a security vulnerability that exists in one of the modules shipped with WinZip 11. This component is not a WinZip module but rather a Microsoft module that WinZip Computing shipped for the convenience of Windows 2000 customers. Distribution files for WinZip versions 11.1 and 11.2 included an earlier gdiplus.dll which was placed in the WinZip program folder for Windows 2000 systems only. Other operating systems are not affected by these installations. Upgrading to WinZip 11.2 SR-1 or WinZip 12.1 on Windows 2000 systems will replace the earlier gdiplus.dll with a newer version that is not subject to the security vulnerability. Distribution files for WinZip version 11.0 included an earlier gdiplus.dll which was placed in the WinZip program folder without regard to operating system. Note, however, that the .DLL is only utilized by WinZip on Windows 2000 systems. Versions of WinZip prior to 11.0 are not affected by this security vulnerability. Upgrading to WinZip 11.2 SR-1 (Build 8261) or WinZip 12.1 will remove the earlier gdiplus.dll from the WinZip program folder on Windows XP or Vista systems. On Windows XP or Vista, you may simply delete the file from the WinZip folder (if it exists). 

Important Note: WinZip 11.2 is not a free upgrade for users running WinZip 10.0 or earlier. Please see this page for more information. Note that this Fixlet message will only become relevant for computers on which WinZip 11.0 or greater is installed.

Important Note: The installer deployed by this Fixlet message will automatically shut down any running instances of WinZip. If this behavior is undesirable, please run deployed actions with the caveat 'not exists running application "winzip32.exe".'

***************************************************************
Title: WinZip 12.1 Available
Severity: <Unspecified>
Fixlet ID: 10031001
Fixlet Link: http://www.winzip.com

Fixlet Description: WinZip Computing has released a new version of WinZip (12.1 Build 8519). Please use the action below to upgrade to the latest version. 

Important Note: WinZip 12.1 is not a free upgrade for users running WinZip 11.2 or earlier. Please see this page for more information. Furthermore, WinZip 12.1 Build 8519 cannot be applied to earlier builds of WinZip 12.1 without first uninstalling those builds. As such, this Fixlet message will only become relevant for computers on which WinZip 12.0 is installed.

Important Note: The installer deployed by this Fixlet message cannot be run while WinZip is running. As such, this Fixlet message will not become relevant on machines that are currently running WinZip.

***************************************************************
Title: WinZip 12.0 Available (French)
Severity: <Unspecified>
Fixlet ID: 10031002
Fixlet Link: http://www.winzip.com/fr

Fixlet Description: WinZip Computing has released a new version of WinZip (12.0 Build 8252). Please use the action below to upgrade to the latest version. 

Important Note: WinZip 12.0 is not a free upgrade for users running WinZip 11.2 or earlier. Please see this page for more information. Note that this Fixlet message will only become relevant for computers on which WinZip 12.0 or greater is installed.

Important Note: The installer deployed by this Fixlet message cannot be run while WinZip is running. As such, this Fixlet message will not become relevant on machines that are currently running WinZip.