Earlier this year, vulnerabilities were found in the Telerik UI that were fixed with a security patch and with SP V. Recently a newer SP W has been released that addresses additional security vulnerabilities.
Keeping your iMIS updated on the most recent service pack will keep these vulnerabilities at bay. If you are unable to upgrade your iMIS to the latest service pack, it is still a good idea to apply the security patches available. If you are running an iMIS earlier than SP V, you will need to have security patches applied to minimize your iMIS from being compromised.
If you are on iMIS 15.2 to 20.2.49 you will need an even older security update from September 2017. If you have not applied this yet, make sure it has been applied.
For the new security update from earlier this year, the following iMIS versions have their own patches you can get from ASI:
- 1.1 to 20.1.19
- 2.1 to 20.2.26
- 2.49
- iMIS 2017 SP A to SP U
However, there are potential Issues to watch out for:
If you are patching the iMIS instance on some versions, you will get a JS script error on the home page of the iMIS Desktop client. You can work around this by removing the charts in the staff site and republishing the home page of the desktop client. There may also be some changes with the UI in the staff site after the patch, but these are purely cosmetic changes with colors and themes.
Service Pack W may have issues running some iMIS specific database tools and maintenance utilities. You will have to run those procedures manually if it is necessary.
At E-Tech, we have over 25+ years of experience with consulting, managing, and maintaining iMIS. Feel free to Contact Us if you have any questions.
