InstallAware Vulnerability in Yearli Desktop

Description of Issue
Recently, InstallAware announced an upgrade to their applications to protect against a potential vulnerability within their product. InstallAware is a third-party software installation application for Windows Installer, which is also used by Yearli Desktop.

Potential Security Risk
InstallAware is recommending upgrades to all versions prior to 32.10, as they may be susceptible to a DLL preloading vulnerability.

Required Action
All Yearli Desktop users with software versions from 2018-2022 need to apply the latest update within each installed version of Yearli Desktop. This latest update includes the new version of InstallAware with the security patches applied.

Required Update
The latest version of InstallAware is available beginning with the releases listed below. In Yearli, you will find your version number by selecting About in the Help menu.

Yearli 2018: or later
Yearli 2019: or later
Yearli 2020: 3.20.410.001 or later
Yearli 2021: 3.21.410.002 or later
Yearli 2022: or later

Was this article helpful?
1 out of 2 found this helpful