Horizon DataSys announced today (Aug. 24, 2015) a new build for their Windows system restore solution RollBack Rx Professional and Drive Vaccine which patches three security vulnerabilities found in each program.
The security flaws exposed can be used to bypass Windows user privileges, bypass the pre-OS start-up, and modify the Access Control section within the software itself.
Due to the severity of this release it is highly recommended all users update to this latest build to have the most secure version of the product running.
The vulnerabilities were discovered by Joe Kovacic, CEO of itSoftware, a company which specializes in anti-malware technology.
“There is value in occasionally assuming the role of an ethical hacker,” Kovacic said. “Doing so gives me insight into how malicious actors exploit and bypass software technologies – whether that may be useful backup software like RollBack Rx or itSoftware’s own anti-malware technology. With that information, companies like Horizon DataSys and itSoftware are better capable of hardening our products and protecting our customers.”
The exploits discovered by Kovacic affect all previous versions and builds of RollBack Rx and our instant recovery software Drive Vaccine, as well as our freewares RollBack Rx Home Edition and Reboot Restore Rx. The patches for the latter two will be available by the end of August.
Once again, we here at Horizon DataSys highly recommend updating to the most recent build of the aforementioned programs to have the most secure version running.
We sincerely thank itSoftware and Kovacic for the hard work put into discovering and relating this information to our development team.
If you have Annual Maintenance and/or are currently using version 10.0 and above you qualify for a free upgrade. If not, you may inquire about how to upgrade by either chatting with a representative at www.horizondatasys.com, or by calling us directly at 1-800-496-0148.
You can directly download the latest versions by visiting the product pages tab at the top of our homepage.
For more information on itSoftware or to get in touch with the company, please visit www.itSoSafe.com.
For any support related questions or inquiries, please go to our support portal.
For security reasons we will not be detailing how the previous versions were cracked.
~The Horizon DataSys Team