2/19/2016: ARTEC Releases Preventive Update to Fix Glibc Vulnerability
A recently discovered vulnerability in the Glibc library is causing concern for many users of embedded systems. The Glibc library is a central component used by many Unix-based systems. A problem in a DNS function could lead to the execution of remote code (and possibly malware) under certain circumstances.
ARTEC has decided to take no unnecessary risks and to protect customers from possible exploits which could appear in the coming weeks and months as a result of the vulnerability. AOS (ARTEC OS) 5.23, which is ARTEC's hardened appliance operating system, contains fixes the vulnerability and is now available for installation.
AOS generally performs no direct Internet communication and does not normally access external servers. In addition, e-mail messages and documents are processed in hardened and sandboxed subsystems, which means that there is almost no attack vector for the vulnerability that customers need to worry about. Nevertheless, ARTEC has decided to release a preventive security update to protect customers from future developments that may arise in connection with the vulnerability. ARTEC's customers can rest assured that they are protected and that there is no cause for concern.
AOS 5.23 is now available to users of ARTEC's EMA® (legally compliant e-mail archiving) and VSTOR® (digital information management) and will be distributed as an automatic update on March 1, 2016.