Kryptronic Software Security Update: KRYPT04222014S

At Kryptronic, we work diligently to ensure our software is the most secure and stable available on the Internet. We have been monitoring several new unsolicited email exploits which have appeared on the Internet over the past few days. Spam bots have now begun to target forms on the Internet which allow users to information to friends about products and services. Our software versions 6 through 8 provide such functionality in the form of the Email a Friend e-commerce feature.

We have issued this software security update as of 04/22/2014 at 12:00 PM ET to ensure your software is hardened against any attacks of this nature. It is strongly recommended that you read, and follow the instructions in this update, to ensure your software is hardened against any such attacks.

Kryptronic Managed Hosting Clients

All Kryptronic Managed Hosting clients with version 6 and version 7 software installations have had this updated applied as of 04/22/2014 at 12:00 PM ET. There is no need for Kryptronic Managed Hosting clients with version 6 and version 7 software installations to run a software update at this time.

Kryptronic Managed Hosting clients with version 8 software should consider disabling the Email a Friend e-commerce feature (see 'ClickCartPro & EuropaCart Version 8 Software' below).

ClickCartPro & EuropaCart Version 8 Software

ClickCartPro & EuropaCart Version 8 Software has been hardened against such attacks since it's inital version 8.0.0 launch. No software update is necessary for version 8 installations.

At this time, Kryptronic recommends that you disable the Email a Friend e-commerce feature to ensure it cannot be used. We have no indication this feature is vulnerable to attack, however we recommend disabling it, especially if it's not used. To disable the feature, access your software management interface and browse to the function Store | Component | Settings | Product Detail Pages, and set the value for the 'Display Email a Friend Link' setting to false (0).

ClickCartPro & EuropaCart Version 7 Software

A software update is required to harden ClickCartPro & EuropaCart Version 7 Software against such attacks. Install the update using the instructions at link below. Applying this update will disable the Email a Friend e-commerce feature outright, therefore there is no need to disable the Email a Friend e-commerce feature using the management interface.

Link: Updating ClickCartPro & EuropaCart Version 7 Software

All ClickCartPro Version 6 Software

A software update is required to harden ClickCartPro Version 6 Software against such attacks. Install the update using the instructions at link below. Applying this update will disable the Email a Friend e-commerce feature outright, therefore there is no need to disable the Email a Friend e-commerce feature using the management interface.

Link: Updating ClickCartPro Version 6 Software

© 1999-Present Kryptronic, Inc. All rights reserved worldwide. Kryptronic, the Kryptronic logo and all Kryptronic software names and logos are trademarks of Kryptronic, Inc. All Kryptronic software is copyrighted and the intellectual property of Kryptronic, Inc. All Kryptronic software is developed and distributed under license by Kryptronic, Inc.