Support ignores remote execution security threat

Forum Index » PowerDirector (previous versions)

Herbert10

Newbie Joined: Sep 04, 2008 15:27 Messages: 9 Offline

Solved by

Aug 03, 2009 16:37

I wrote the support:
PowerDirector 7 uses the following libraries atl71.dll, mfc71.dll, mfc71u.dll, msvcm80.dll, msvcp80.dll, msvcr80.dll where Microsoft has issued security updates recently (Threat: remote code execution).
Microsoft has also issued a sucurity update for Visual Studio .Net 2003 until 2008, which you are also using, so that software vendors like Cyberlink can recompile and update their products with the new libraries.
When will Cyberlink issue a security or normal update, so that the libraries I listed above are replaced with the save ones?

The support answered:
In response to your issue we would like to inform you that we do not have the plan to do this.

Does this mean, that the end users have to patch PowerDirector themself?

OnTheWeb1

Contributor Location: Michigan USA Joined: Jan 02, 2009 12:58 Messages: 511 Offline

Aug 03, 2009 17:27

Herbert,

I think they've done an assessment and determined that the real, perceived, or legal risks were of a nature not that compelling.

Not all bugs in all products get fixed, even though they've been exposed.

Its a real world out there.
Win8 64-bit Pro Retail
Intel i7-4770
16GB DDR3 1600 8-8-8-24
MSI Z87-G45 Motherboard
ASUS GTX 660 Direct CU II OC 2GB GPU
1 TB RAID 1 (mirrored) Drive Array
Several scratch drives for video, TMP, pagefile.

Cyberlink.com uses analytical cookies and other tracking technologies to offer you the best possible user experience. By using our website, you acknowledge and agree to our cookie policy. For more information on cookies or changing your cookies settings, read CyberLink’s Cookie Policy.