{"id":620,"date":"2017-01-30T08:39:37","date_gmt":"2017-01-30T14:39:37","guid":{"rendered":"http:\/\/www.echorequest.com\/?p=620"},"modified":"2017-01-30T08:39:37","modified_gmt":"2017-01-30T14:39:37","slug":"do-you-webex","status":"publish","type":"post","link":"https:\/\/www.echorequest.com\/?p=620","title":{"rendered":"Do you WebEx?"},"content":{"rendered":"

If you use Webex at work – from your browser, which I’m sure you do…better pay attention.<\/p>\n

Cisco just released a CRITICAL vulnerability alert that would allow someone to take control of your pc if they can get you to click on a meeting link that’s malicious. \u00a0Many vendors have people use Webex – many companies pay big money to use webex – so pay attention and go save yourself!<\/p>\n

https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20170124-webex<\/p>\n

 <\/p>\n

Google Chrome<\/em>
\nCisco WebEx Extension for Google Chrome version 1.0.7 was released on January 26, 2017 and contains a fix for this vulnerability. Chrome users can ensure they are using the fixed version of the Cisco WebEx Extension for Google Chrome by doing the following:<\/p>\n

    \n
  1. In Chrome, open the Settings <\/strong>page.<\/li>\n
  2. Click Extensions<\/strong>.<\/li>\n<\/ol>\n

    The extension version is listed next to the Cisco WebEx Extension name.<\/p>\n

    Mozilla Firefox<\/em>
    \nVersion 106 of the ActiveTouch General Plugin Container for Mozilla Firefox was released on January 28, 2017 and contains a fix for this vulnerability. Mozilla users can ensure they are using the fixed version of the ActiveTouch General Plugin Container for Mozilla by:<\/p>\n

      \n
    1. Clicking the menu button (three horizontal bars on the upper right of the application) and selecting Add-ons<\/strong>.<\/li>\n
    2. In the Add-ons<\/strong> Manager<\/strong> tab, click the Plugins<\/strong> panel<\/li>\n
    3. Locate the ActiveTouch General Plugin Container<\/strong> in the list of Plugins and click on the More<\/strong> link to obtain the version information<\/li>\n<\/ol>\n

      Microsoft Internet Explorer<\/em>
      \nVersion 10031.6.2017.0127 of the GpcContainer Class for Microsoft Internet Explorer was released on January 28, 2017 and contains a fix for this vulnerability. Internet Explorer users can ensure they are using the fixed version of the GpcContainer Class for Internet Explorer by:<\/p>\n

        \n
      1. In Internet Explorer, select the Tools<\/strong> button<\/li>\n
      2. Select Manage add-ons<\/strong><\/li>\n
      3. Select All add-ons<\/strong> from the Show drop-down menu<\/li>\n
      4. Select the GpcContainer Class<\/strong> add-on under Cisco WebEx LLC<\/strong><\/li>\n<\/ol>\n

        The version number is displayed at the bottom of the Manage Add-ons<\/strong> window.<\/p>\n

         <\/p>\n

         <\/p>\n

        \n

        Fixed Releases<\/strong><\/p>\n

        For the latest information about the following products, please consult the Cisco bug ID provided:<\/p>\n