A zero-day security vulnerability, “Improper Link Resolution Before File Access,” was identified in the Nomad module of the 1E Client versions prior to 25.3. This vulnerability allows an attacker with local, unprivileged access on a Windows system to delete arbitrary files by exploiting symbolic links.
– 1E Client v25.1 – hotfix Q23589 or later
– 1E Client v24.5 – hotfix Q23583 or later
– 1E Content Distribution Tools v25.1 – hotfix Q23591 or later
|