Cisco IronPort Desktop Flag Plug-in for Outlook versions from 18.104.22.168
up to, but not including, 6.5.0-006 are affected by this issue. Cisco IronPort
is currently developing a software fix that will be available via the Cisco
IronPort support website. This Security Response will be updated once version
information for the fixed software is available.
This issue is documented in Cisco IronPort bug 65623 and has been
assigned Common Vulnerabilities and Exposures (CVE) identifier
It is possible to mitigate this issue by ensuring that only one email
composition window is open when using the Send Secure button.
Secure email messages should be composed one at a time until a fixed version of
the Cisco IronPort Desktop Flag Plug-in for Outlook can be installed.
Obtaining Fixed Software
Cisco IronPort Desktop Flag Plug-in for Outlook version 6.5.1 that
contains the software fix for this issue can be obtained from the Cisco
IronPort support portal by customers with a registered login. End users will
need to obtain the fixed software from their internal support
Cisco IronPort Desktop Flag Plug-in for Outlook is directly supported
by Cisco IronPort. Customers should contact Cisco IronPort technical support at
the link below to obtain software fixes. Cisco IronPort technical support will
assist customers in determining the correct fixes and installation procedures.
Customers should direct all warranty questions to IronPort technical support.
Note: Do not contact firstname.lastname@example.org or email@example.com for