This repository has been archived by the owner on Feb 12, 2019. It is now read-only.
Update on Telerik Security Detection
Security Analyzer can warn if your DNN site is using an insecure version of Telerik.Web.UI.DLL. Recently, we released an updated version of this DLL. The Security Analyzer had to be updated as well to register the new version of this assembly.
The following changes went into this release:
- Ignoring deleted Super Users from the "Check if superusers are not regularly changing passwords" check (pull request #26 ).
- Remove unnecessary exceptions in the "Check for extra disk/folders access" where site didn't have ANY permission to few folders (pull request #19 ).
- Updated the checks to take into consideration the latest Telerik patch (HotFix2017.1-1.2.0).
- Automatically create Telerik.Upload.ConfigurationHashKey web.config entry when not present.
More details about the reasons behind this update can be found here: http://www.dnnsoftware.com/community-blog/cid/155449/critical-security-update--september2017