Potential Pervasive Security Risk

Notice Sage_18C_06272018 was sent today:

This notice provides important information about a potential security risk involving the Pervasive database, and applies to you if you are using Sage BusinessWorks, Sage BusinessVision, or Sage DacEasy.

Note: If you are not the person who installs your Sage product updates, please forward this email to the appropriate person. Issue Sage has recently become aware of a potential security vulnerability relating to the Keyhelp.ocx file used by the Pervasive System Analyzer, a third-party utility.

The Pervasive System Analyzer was installed as a part of your Sage product installation. If this vulnerability is exploited, the Keyhelp.ocx file can permit an unauthorized user to remotely execute code on the machine where the Sage product is running. The vulnerability could be exploited if a user opens a specially crafted file from a third party with the ActiveX component enabled on the Sage machine.

Solution: You can remove the Keyhelp.ocx file by following the steps in the Resolution section of KnowledgeBase article 91233. Removing the Keyhelp.ocx file will resolve the potential vulnerability.

Anonymous