Microsoft released a critical update to Windows on November 8 to address a security vulnerability. Openlink Findur users awoke Monday to showstopper failures throughout the application.
Findur users reported failures spanning versions as early as version 14 and as recent as version 22. Indications are that this issue is global in scope.
The only confirmed solution available right now is to rollback the Windows update and accept the security vulnerability. Openlink has proposed a configuration change that is being tested by some of our contacts. The early feedback is that the proposed solution is not effective.
The exact symptoms vary from one version to the next.
At some sites, we have seen that any database query from inside Findur fails when the query includes a ‘float’ field. For the non-technical users, that’s just a decimal number like notional or proceeds. How that failure appears to the user can vary depending on which screen they open first. The Account Balances screen obviously queries settlement amounts, and exhibits a different symptom to the Settlement Desktop.
Sample error messages include –
At other sites, we have heard that when a user opens the Account Balances screen, the application will fail with no message in the logs. At that site, users can run queries on float fields inside Findur.
If you have any confirmed details about the problem or a potential solution, please let us know!
More information about the critical security vulnerability that affects the ODBC driver is available on Microsoft’s site here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41047.
Contact us if you would like more details. We support a wide variety of Findur clients operating versions 14 through 22 around the globe. We will continue to update this page as the news develops.
