Wireshark Releases Security Update December 2015

In late December, updated versions (v2.0.1; the current branch and v1.12.9; the previous branch) of the popular open source network packet analyzer Wireshark were made available by the Wireshark Foundation.

This updates release notes references 24 security advisories that are addressed within it. While the previous branch version 1.12.9 references 21 security advisories. Both versions also address a DLL hijacking flaw within older versions of the open source NSIS installer. This installer was updated to version 2.50 to resolve this issue. NSIS is also used by other popular applications (among others) such as VLC and VeraCrypt (one of the alternatives to the discontinued TrueCrypt).

As per the normal process Linux distributions can obtain this update using the operating systems standard package manager (if the latest version is not installed automatically using the package manager you can instead compile the source code). This forum thread and this forum thread may also be helpful to you with installing Wireshark on your Linux based system.

For Mac OS X and Windows, the update is available within the downloads section of the Wireshark website. In addition, a detailed FAQ for Wireshark is available here.

As always, if Wireshark is installed on a critical production system or systems that contain your critical data, please back up your data before installing this update in order to prevent data loss in the rare event that an update causes unexpected issues.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s