Skip to main content
CrashPlan Support

Manually resolve security vulnerability in CrashPlan app version 4.8.2 and earlier

Applies to:
  • CrashPlan for Home

Overview

CrashPlan app versions 4.8.2 and earlier contain a security vulnerability that could allow escalation of privilege on Windows devices. This vulnerability is already corrected in CrashPlan app version 4.8.3. All CrashPlan for Home devices with supported operating systems automatically upgraded to version 4.8.3 on June 13, 2017.

This article provides a manual workaround to remove the vulnerability from older versions of the CrashPlan app. These steps are recommended only for customers who cannot upgrade to CrashPlan app version 4.8.3 or later.

Affects

CrashPlan app version 4.8.2 and earlier on Windows devices.

Recommended solution for CrashPlan app 4.8.2 and earlier

These steps are recommended only for customers who cannot upgrade their devices to CrashPlan app version 4.8.3 or later. Follow these steps on each device:

  1. Open the CrashPlanService.ini file in a plain text editor.
    • Installed for everyone (default): C:\Program Files\CrashPlan\CrashPlanService.ini
    • Installed per user: C:\Users\<username>\AppData\<Local or Roaming>\Programs\CrashPlan\CrashPlanService.ini
  2. Locate the line beginning with Class Path =.
  3. Delete the path C:\ProgramData\CrashPlan\lang from that line.
  4. Save the changes to the file.
  • Was this article helpful?