RealVNC 4.1.2 update to patch security vulnerability
A few hours back, I updated My first post on the RealVNC 4.1.1 vulnerability and just saw another story that did not specify WHICH variation of VNC was at risk. TightVNC and UltraVNC seem to be immune according to the discoverer of the flaw. And as far as I’ve seen, there hasn’t been any contradiction of that.
I did want to get another post in on it so that the security patch had it’s own seperate article as I guess the update to the other might have been a bit too obscure. It looks like RealVNC had fairly quick turnaround from notification to patch which is nice to see. There are exploits in the wild, so if you have RealVNC running, check on the version and check for the Realvnc 4.1.2 update. By the way, this only seemed to affect RealVNC 4.1.1 on Windows I’ve read reports of tests against Linux based RealVNC 4.1.1 with no problems, but just in case – check and see if you have updated linux packages for realvnc based vnc servers.