On Sunday 19 June 2011 11:37:33 Stefan Kanthak wrote: > soft Xpansion <www.soft-xpansion.com> distributes their (freeware) > products "Perfect PDF 7 Master" and "Perfect PDF 7 Reader" (the > current files are dated 2011-05-10) with OUTDATED and VULNERABLE > Visual C++ 2008 runtime libraries VCRedist_x86.exe/VCRedist_x64.exe > version 9.0.30729.17 of 2008-08-08. > > These libraries have been updated since then at least twice due to > vulnerabilities, see > <http://www.microsoft.com/technet/security/bulletin/MS09-035.mspx> > and > <http://www.microsoft.com/technet/security/bulletin/MS11-025.mspx> Did you check if these vulnerabilities be exploited via this product? I'm not suggesting that its OK to distribute outdated libs, just to understand the risk a little more. Brad
