Patch for third-party security vulnerabilities in AccurioPro Flux available

The first vulnerability, discovered in a third-party component used by AccurioPro Flux, affects all AccurioPro Flux installations from version 7.0 until 10.2.2.78547 and can potentially allow unauthorized memory read if an attacker has direct access to the machine. 

A second discovered vulnerability in another third-party component affects all AccurioPro Flux installations from 8.0 until 10.2.2.78547 and can potentially lead to a denial-of-service in the Flux Web online shop.

Although we are not aware of any instance of AccurioPro Flux being targeted, we strongly recommended updating all affected installations immediately to patch these vulnerabilities.

The latest version 10.2.2.78563 of AccurioPro Flux has already fixed these vulnerabilities. 

In addition, our security patch installer has been updated that can be applied even without a valid Software Maintenance Plan (SMP). Please note that in some cases an update to the latest version 10.2.2.78563 with a valid SMP is required. 

Please contact your Konica Minolta partner to obtain the security patch installer or the latest version of AccurioPro Flux.