Skip to main content

Available in:

StandardPremiumEnterprise
Small Business
Code42 Support

Manually resolve security vulnerability in CrashPlan app version 4.8.2 and earlier

Available in:

StandardPremiumEnterprise
Small Business

Overview

Code42 app versions 4.8.2 and earlier contain a security vulnerability that could allow escalation of privilege on Windows devices. This vulnerability is already corrected in Code42 app version 4.8.3. All CrashPlan for Small Business (previously CrashPlan PRO) devices with supported operating systems automatically upgraded to version 4.8.3 on June 13, 2017.

This article provides a manual workaround to remove the vulnerability from older versions of the Code42 app. These steps are recommended only for customers who cannot upgrade to Code42 app version 4.8.3 or later.

Affects

Code42 app version 4.8.2 and earlier on Windows devices.

You can identify your Code42 app version to determine if you must manually remove the vulnerability.

Recommended solution for Code42 app 4.8.2 and earlier

These steps are recommended only for customers who cannot upgrade their devices to Code42 app version 4.8.3 or later. Follow these steps on each device:

  1. Open the CrashPlanService.ini file in a plain text editor.
    • Installed for everyone (default): C:\Program Files\CrashPlan\CrashPlanService.ini
    • Installed per user: C:\Users\<username>\AppData\<Local or Roaming>\Programs\CrashPlan\CrashPlanService.ini
  2. Locate the line beginning with Class Path =.
  3. Delete the path C:\ProgramData\CrashPlan\lang from that line.
  4. Save the changes to the file.
  • Was this article helpful?