The vulnerability announced earlier (please click here and here for more information) impacts not only Google Chrome but other browsers on the Windows platform. Please see the instructions below to check whether you have the newest release:
Google Chrome
Cisco WebEx Extension for Google Chrome version 1.0.7 was released on January 26, 2017 and contains a fix for this vulnerability. Chrome users can ensure they are using the fixed version of the Cisco WebEx Extension for Google Chrome by doing the following:
- In Chrome, open the Settings page
- Click Extensions
- Select the Developer mode checkbox
- Click Update extensions now
- Restart the Chrome browser
Microsoft Internet Explorer
Version 10031.6.2017.0126 of the GpcContainer Class for Microsoft Internet Explorer was released on January 28, 2017 and contains a fix for this vulnerability. Internet Explorer users can ensure they are using the first fixed or later version of the GpcContainer Class for Internet Explorer by:
- In Internet Explorer, select the Tools button
- Select Manage add-ons
- Select All add-ons from the Show drop-down menu
- Select the GpcContainer Class add-on under Cisco WebEx LLC
The version number is displayed at the bottom of the Manage Add-ons window.
Mozilla Firefox
Version 106 of the ActiveTouch General Plugin Container (10031.6.2017.127) for Mozilla Firefox was released on January 28, 2017 and contains a fix for this vulnerability. Mozilla users can ensure they are using the first fixed or later version of the ActiveTouch General Plugin Container for Mozilla by:
- Clicking the menu button (three horizontal bars on the upper right of the application) and selecting Add-ons
- In the Add-ons Manager tab, click the Plugins panel
- Locate the ActiveTouch General Plugin Container in the list of Plugins and click on the More link to obtain the version information
For a full explanation, please see: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex