CA UIM security Vulnerability for Microsoft XML Parser

Document ID : KB000118613
Last Modified Date : 29/10/2018
Question:
We have a security vulnerability raised on the CA UIM hub server.
Following are the remarks from the security tool: **EOL/Obsolete Software: Microsoft XML Parser and Microsoft XML Core Services (MSXML) 4.0 Detected** "Microsoft XML Core Services (MSXML), formerly known as the Microsoft XML Parser, can be used to build XML-based applications that follow the World Wide Web Consortium (W3C) XML standards.

MSXML is a Component Object Model (COM) implementation of the W3C DOM model.
Microsoft ended support for Microsoft XML Parser and Microsoft XML Core Services (MSXML) 4.0 on April 12, 2014 and provides no further support."

Since the vendor no longer provides software updates, this version is most susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service on the targeted system.

Customers are strongly encouraged to upgrade their development environments to the latest MSXML technology of MSXML 6.0 (Microsoft XML Core Services).

Please let us know remediation steps to clear this vulnerability. Regards, Zaheer
Environment:
UIM 9.X and earlier
Infrastructure Manager 4.X and earlier
 
Answer:
The IM client installs a SOAP-runtime-TK3 package, which lays down msxml4.dll (it could be used by other third-party programs as well). If this is removed, the IM client will be unable to access the web Archive.

There is also an MSXML 4.0 SP3. It can be downloaded from the following site:

MSXML 4.0 Service Pack 3 (Microsoft XML Core Services)
https://www.microsoft.com/en-us/download/details.aspx?id=15697
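
Because msxml4.dll may be shared with other third-party programs, it helps to inventory it before patching or removing anything. The following PowerShell script is an added example, not part of the original KB article or any CA tooling; it assumes the DLL sits in the standard Windows system directories and reports each on-disk copy with its file version, plus any running process that currently has it loaded.

```powershell
# Added example: inventory MSXML 4.0 on a UIM / Infrastructure Manager host.
# Assumption: msxml4*.dll lives in the standard system directories below;
# add other folders to $searchRoots if it was installed elsewhere.
$searchRoots = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'SysWOW64')
) | Where-Object { Test-Path $_ }

# 1. On-disk copies and their versions (compare before/after applying SP3).
$onDisk = Get-ChildItem -Path $searchRoots -Filter 'msxml4*.dll' -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        [pscustomobject]@{
            Path          = $_.FullName
            FileVersion   = $_.VersionInfo.FileVersion
            LastWriteTime = $_.LastWriteTime
        }
    }

# 2. Running processes that have the DLL loaded right now.
# Caveat: a 64-bit PowerShell session does not see the 32-bit modules of
# 32-bit processes, so also run this from the 32-bit PowerShell host.
$inUse = foreach ($proc in Get-Process) {
    try {
        $proc.Modules |
            Where-Object { $_.ModuleName -like 'msxml4*.dll' } |
            ForEach-Object {
                [pscustomobject]@{
                    Process = $proc.ProcessName
                    Id      = $proc.Id
                    Module  = $_.FileName
                    Version = $_.FileVersionInfo.FileVersion
                }
            }
    } catch {
        # Protected or exited processes cannot be inspected; skip them.
    }
}

if (-not $onDisk) {
    Write-Output 'No msxml4*.dll found in the searched directories.'
} else {
    $onDisk | Format-Table -AutoSize
    if ($inUse) { $inUse | Format-Table -AutoSize }
    else        { Write-Output 'msxml4*.dll present but not loaded by any inspectable process.' }
}
```

Run it from an elevated session so that modules of processes owned by other accounts can be read.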