When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in the following versions:
- T26 SP49 EP40
- T27 FR20
- T27 SP11 EP23
- T27 SP21 EP9
- T27 SP23
- T27 SP25 EP3
- T27 SP28
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release T27 SP22 EP9 is fixed, release T27 SP22 EP23 will also have the software fix. End users will see a version such as "Client build: 220.127.116.1189." This indicates the server is running software version T27 SP25 EP4.
If a WRF player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site.
If a WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html. If the player is no longer needed, it can be removed using the "Mac Cisco-WebEx Uninstaller" or "Meeting Services Removal tool" available at support.webex.com/support/downloads.html