Skip to main content
Code42 Support

Manually resolve security vulnerability in CrashPlan app version 4.8.2 and earlier

Available in:

StandardPremiumEnterprise
Small Business

Overview

CrashPlan app versions 4.8.2 and earlier contain a security vulnerability that could allow escalation of privilege on Windows devices. This vulnerability is already corrected in CrashPlan app version 4.8.3. All CrashPlan for Small Business (previously CrashPlan PRO) devices with supported operating systems automatically upgraded to version 4.8.3 on June 13, 2017.

This article provides a manual workaround to remove the vulnerability from older versions of the CrashPlan app. These steps are recommended only for customers who cannot upgrade to CrashPlan app version 4.8.3 or later.

Affects

CrashPlan app version 4.8.2 and earlier on Windows devices.

You can identify your CrashPlan app version to determine if you must manually remove the vulnerability.

Recommended solution for CrashPlan app 4.8.2 and earlier

These steps are recommended only for customers who cannot upgrade their devices to CrashPlan app version 4.8.3 or later. Follow these steps on each device:

  1. Open the CrashPlanService.ini file in a plain text editor.
    • Installed for everyone (default): C:\Program Files\CrashPlan\CrashPlanService.ini
    • Installed per user: C:\Users\<username>\AppData\<Local or Roaming>\Programs\CrashPlan\CrashPlanService.ini
  2. Locate the line beginning with Class Path =.
  3. Delete the path C:\ProgramData\CrashPlan\lang from that line.
  4. Save the changes to the file.
  • Was this article helpful?