1. Accueil
  2. Groupe
  3. Sécurité des produits
  4. Product Security Updates

Product Security Updates

24.03.2021 - NVIDIA Driver Update Instructions for LAS X Workstations

Vulnerabilities in third-party NVIDIA GPU driver (all versions prior to 461.09) affect certain product lines running on LAS X confocal and LAS X widefield

LAS X confocal and LAS X widefield do not only empower researchers to acquire high-quality data. They also provide state-of-the-art image processing tools, such as LIGHTNING and THUNDER. To guarantee seamless computation for these demanding workloads, LAS X confocal and LAS X widefield leverage powerful graphic cards (GPUs) from NVIDIA.

NVIDIA is continuously evaluating their product security. In this context, they have recently disclosed several vulnerabilities for their GPU drivers (all versions prior to 461.09), warranting timely action for affected workstations. Being offered with an NVIDIA GPU configuration, the following product lines are affected:

  • Confocal:

    • STELLARIS (all systems running on LAS X confocal <= 4.2.0)
    • SP8 (certain systems running on LAS X confocal <= 3.5.7: depending on whether acquisition workstation has an NVIDIA GPU)
    • Offline workstations (certain workstations running on LAS X confocal <= 3.5.7 or LAS X confocal <= 4.2.0: depending on whether offline workstation has an NVIDIA GPU)

  • Widefield:

    • THUNDER Imager (all systems running on LAS X widefield <= 3.7.4)
    • All systems with a ‘LAS X Workstation’ or a ‘LAS X Core Workstation’ (running on LAS X widefield <= 3.7.4)

If you are unsure whether your acquisition or offline workstation features an NVIDIA GPU, please refer to the instructions [‘Check if the system is equipped with an NVIDIA graphics card’]. In case your workstation does not have an NVIDIA GPU, there is no need to take any action regarding these disclosed vulnerabilities.

In case your workstation has an NVIDIA GPU, the disclosed vulnerabilities are resolved by installing the patched NVIDIA drivers as described in the instructions. We strongly recommend to all affected LAS X users to follow this guide in order to address all known NVIDIA driver vulnerabilities.

This NVIDIA driver issue is resolved independently from LAS X, i.e., a LAS X patch release is not necessary. Naturally, upcoming LAS X releases for confocal and widefield systems will contain the updated driver by default [461.09 or later], rendering the described procedure for addressing these very vulnerabilities unnecessary.

Finally, we have performed software tests for LAS X 3.5.7 (SP8), LAS X 3.7.4 (widefield), and LAS X 4.2.0 (STELLARIS) to verify the compatibility of the updated NVIDIA driver [461.09] with our respective LAS X software versions.

NVIDIA Driver Update Instructions for LAS X Workstations

19.10.2020 - Important Security Notice

Vulnerabilities in Image Acquisition software regarding security for the following Imaging Software and Products:
LAS AF | LMD | PAULA | LAS X versions for Confocal, Widefield, and Industry

Recommendation for Corrective Action

Leica Microsystems strongly recommends checking your current version and ensuring that the system setup is up-to-date using the solutions described below. If you are still using one of the software versions listed, please follow these instructions to update your system as soon as possible. To learn about the technical background of the vulnerability, which will be solved by following these instructions, please see “Description of the Problem and Potential Risk” at the end of this page.

Find the version number of your software by selecting ‘About…’ in the ‘Help’ menu.

Security Advice – Step by Step Solution Description

  1. Please select the software that you are using in the tabs below
  2. Lookup the entry for your version and system in the table and follow the instructions (Note: You can find the version number of your software by selecting ‘About…’ in the ‘Help’ menu)

If you have additional questions, you can also contact your Leica Technical Support. In general, we strongly advise that you do not accept any certificates and licenses from untrusted sources and avoid visiting potential malicious websites.

Version

System

Solution Description

3.0.0 and higherSP8Please contact your Leica Technical Support to implement the update to version 3.5.7. If you do not want to update your software at the moment, please follow the instructions below to block the TCP port 22350. To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
OtherAllSolution: Block the TCP port 22350
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.

Version

System

Solution Description

8.x.xAllSolution: Update to version 8.2.3
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LMD_8.2.3.7603.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
7.x.xAllSolution: Update to version 8.2.3
Please note that this update is tested only for systems with Windows 10. If you run another version of Windows, please contact your Leica Technical Support for Windows 10 upgrade options.
For Windows 10:
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LMD_8.2.3.7603.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

Version

System

Solution Description

1.x.xAll

Solution: Update to version 1.2.3

  1. To install the new version, first download the executable files from the following links:
    Installer: https://webshare3.leica-microsystems.com/downloads/PAULA_Service_1.2.3.26411_setup.exe 
    Driver: https://webshare3.leica-microsystems.com/downloads/PAULA_Driver_1.2.3.14_setup.exe
  2. Unzip the ZIP file on your local computer
  3. From the unzipped files start the file Setup.exe (run as administrator)
  4. Follow the instructions of the installation program. If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

Version

System

Solution Description

1.x.xConfocal LifeScience SystemPlease contact your Leica Technical Support to implement the update to version 3.5.7.
If you do not want to update your software at the moment, please follow the instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
1.x.x up to 3.0.11Industry SystemUpdate to version 3.0.15
This update is tested only for systems with Windows 10.
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.0.15_23304_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
1.0.0 up to 3.6.0Widefield LifeScience System

Solution: Update to version 3.6.1
This update is tested only for systems with Windows 10.
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.6.1_23246_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
Please do not install this new version on GSD or TIRF-Confocal systems.

2.0.0Confocal LifeScience SystemPlease contact your Leica Technical Support to implement the update to version 3.5.7.
If you do not want to update your software at the moment, please follow the instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
2.0.1 or 2.0.2Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.0.12 up to 3.0.13Industry SystemSolution: Update to version 3.0.14
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.0.14_23224_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
3.1.0Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.1.1Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.1.2Confocal LifeScience SystemSolution: Update to version 3.5.7
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
3.1.5Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.4.0Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.5.0Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.5.1Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.5.2Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.5.5Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.5.6Confocal LifeScience SystemIf you are using advanced modalities such as STED or DIVE, please contact your Leica Technical Support to implement the update to version 3.5.7.
If you own a customized solution or you do not want to update your software at the moment, please follow the instructions bewlow to block the TCP port 22350.
If you are working with standard confocal only, please follow the instructions below.

Update to version 3.5.7 (standard confocal mode operation only)
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.5.7_23225_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

instructions below to block the TCP port 22350.
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
3.7.0 up to 3.7.2Widefield LifeScience System

Solution: Update to version 3.7.3
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_3.7.3_23245_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
Please do not install this new version on GSD or TIRF-Confocal systems.

All VersionsWidefield LifeScience Systems
GSD, TIRF-Confical		Solution: Block the TCP port 22350
To stop attackers from being able to exploit the vulnerability, the TCP port 22350 needs to be blocked in the network communication. It can be done either in your local Windows system (instructions for LAS X and PAULA and instructions for LMD instruments) or in your organization’s network firewall system. Please contact your IT admin for support to block the TCP port 22350. Once this port is blocked, you can continue working with your imaging software. In case activation of licenses might be blocked, please use the file-based activation via e-mail.
4.0.1Confocal LifeScience SystemSolution: Update to version 4.1.1
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_4.1.1_23273_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
4.0.2Confocal LifeScience SystemSolution: Update to version 4.1.1
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_4.1.1_23273_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
4.1.0Confocal LifeScience SystemSolution: Update to version 4.1.1
1) To install the new version, first download the zip file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_4.1.1_23273_Setup.zip
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
OfflineConfocal LifeScience System (Legacy)Solution: Update to offline version 3.5.7
1) To install the new version, first download the executable file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_Small_3.5.7_23225_Setup.exe
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
OfflineConfocal LifeScience System (STELLARIS)Solution: Update to offline version 4.1.1
1) To install the new version, first download the executable file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_Small_4.1.1_23273_Setup.exe
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
OfflineWidefield LifeScience SystemSolution: Update to offline version 3.7.3
1) To install the new version, first download the executable file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_Small_3.7.3_23245_Setup.exe
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.
OfflineIndustry SystemSolution: Update to offline version 3.0.14
1) To install the new version, first download the executable file from the following link
webshare3.leica-microsystems.com/downloads/LAS_X_Small_3.0.14_23224_Setup.exe
2) Unzip the ZIP file on your local computer
3) From the unzipped files start the file Setup.exe (run as administrator)
4) Follow the instructions of the installation program
If you have blocked the TCP port 22350 in the network or on your local machine as a temporary protection, you can unblock it now that you have installed the update.

FAQs

Q: Is there a guide on how to block the TCP port 22350 in Windows 7?

A: Please use the following guidelines for Windows 7 based systems: Windows 7 Work Instructions.

Q: To block the TCP port 22350, I need an admin password for my Windows PC. What is the password for the admin account? 

A: Please contact your local IT department. In case the PC was delivered by Leica Microsystems as part of a system solution, please contact technical service via the Service Portal.

Q: I assume that the vulnerability is with your application software only, but because we use the Leica SDK hardware, I would like to know whether it is also affected?

A: This issue does not affect the Leica SDK hardware for developers nor the Hardware Configurator, because they do not install and do not use the vulnerable component.

Q: Does the current security issue also affect the free LASX offline packages?

A: Yes, this affects also the free LASX offline packages.

Q: I want to solve this issue myself ASAP and noticed that WIBU provides the latest CodeMeter version on their web page. Can I update the CodeMeter software to the latest version to fix the security issue myself?

A: No, you need to install the next released software version from Leica Microsystems to solve this security issue. The release will be communicated on our webpage.

Q: Where can I find the release notes for the new software versions listed above?

A: The release notes for the individual versions can be found at the following links

Description of the Problem and Potential Risk

The software vendor WIBU Systems disclosed vulnerabilities in their product CodeMeter. This product is widely used in the industry for license management and is also embedded in image acquisition software from Leica Microsystems (in product lines LAS X , LAS AF, PAULA, LMD). The ability to exploit the vulnerability is limited to computers connected to a network. In a worst-case scenario, an attacker could cause a denial-of-service condition and attain remote code execution on the PC where the acquisition software is installed.

In general, please do not accept any certificates and licenses from untrusted sources and avoid visiting potentially malicious websites.

More information

For more details regarding the vulnerabilities in CodeMeter Runtime refer to:

Vous souhaitez en savoir plus ?

Parlez à nos experts. Nous sommes heureux de répondre à toutes vos questions et préoccupations.

Contactez-nous

Préférez-vous un conseil personnalisé ?

Vous trouverez une liste plus détaillée de tous les contacts ici.