You are viewing limited content. For full access, please sign in.

Question

Question

Laserfiche 10.3 Client .net framework 3.5 required?

asked on July 16, 2018 Show version history

I was wondering if the .net framework 3.5 is required for the latest Laserfiche 10.3 Client installation? That is very outdated and in-secure in quite a few ways. Is it possibly an oversight and wasn't removed as an installation requirement or is it actually required?

 

0 0

Replies

replied on July 17, 2018

Can anyone reply?

0 0
replied on July 17, 2018

It is required for Laserfiche Scanning. If you do not install that module you should be fine and the installer will not prompt it.

 

I was curious on your source of a patched .NET 3.5 install being insecure so I did some googling and did not find much. It is just annoying that often times we have to get this installed on client machines as it does take awhile.

0 0
replied on July 18, 2018

Thanks for your reply John. Here's a list of security concerns in .NET frameworks prior to 4.5 (Note some may have been subsequently patched) but it is best not to use versions prior to 4.5.

https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-2002/version_id-82466/Microsoft-.net-Framework-3.5.html

 

I got that link from googling .NET 3.5 Security concerns

 

Another topic of concern with .NET versions prior to 4.5 is with TLS. TLS1.2 is being required by many companies due to security concerns. TLS 1.2 is not in the enumeration for SslProtocols in .NET 3.5, it was added to the enum in .NET 4.5.  See: https://stackoverflow.com/questions/43240611/net-framework-3-5-and-tls-1-2  Or a google search on .net 3.5 and tls 1.2

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.