LanGuard's Apache web server (communication server) may not be up-to-date with the latest version and is reported by customers to have known vulnerabilities when scanned by LanGuard or other security scanners (Nessus).
- GFI LanGuard 2012 and later (all builds)
- All supported environments
Vulnerabilities are discovered from time to time in the Apache server software by security reporting agencies.
- GFI Software development updated GFI LanGuard's Apache server to version 2.4.16 on 07/30/2015 through the Program Updates feature.
- They test and upgrade the Apache server version during each major and minor releases. These are released normally every six months.
- This update of Apache is done automatically via the Program Updates module and development use this method as needed to address security vulnerabilities in Apache.
- Our version of Apache does not use all the modules within Apache (such as SSL) and therefore, some known Apache vulnerabilities may not apply to our version. These updates require extensive testing to make sure they do not affect GFI LanGuard capabilities.
- Due to this, some elements of the server may be out-of-date and reflect on certain vulnerabilities.