Warning of two security vulnerabilities in Flexera FlexNet Publisher

Description

Flexera has informed Esri of two security vulnerabilities in their software. Information on these vulnerabilities was first published on February 22, 2016, as CVE-2015-8277.

Esri has received fixes for these two security vulnerabilities, which we have incorporated into the ArcGIS 10.4 License Manager. Since ArcGIS License Manager is built with FlexNet Publisher, Esri is providing the ArcGIS 10.4 License Manager to resolve these Flexera vulnerabilities.

Customers need only to download and install the ArcGIS 10.4 License Manager.

Cause

This is a known issue.

Solution or Workaround

Note:
This issue has been fixed in ArcGIS 10.4 License Manager. It is not necessary to upgrade the License Manager for later versions.

We highly recommend that all Esri customers that use concurrent licensing pull their current ArcGIS License Manager and install the ArcGIS 10.4 License Manager at their earliest convenience. The ArcGIS 10.4 License Manager is compatible with other currently supported ArcGIS releases.

The ArcGIS 10.4 License Manager can be downloaded from My Esri and is available within the ArcGIS for Desktop, ArcGIS Engine, and ArcGIS for Server products. Contact your primary maintenance contact for access to My Esri if you are not authorized to download Esri software.

For Esri international customers who need localized versions of the ArcGIS 10.4 License Manager, we are working to expedite availability as quickly as possible. Until the localized versions are available on My Esri, customers that don’t want to wait can install the English ArcGIS 10.4 License Manager now, and replace it as soon as the localized versions are ready. We will update this KB article as soon as the localized versions become available.

Note:
The ArcGIS 10.4 License Manager works with all ArcGIS releases from ArcGIS 10.0 through ArcGIS 10.4.