KB2021.409
FAQ: Potential vulnerability in Check for Updates function in Domain Time

This article applies to Domain Time II.

Last Updated: 09 Apr 2021

Explanation
Greyware versions of Domain Time Client, Server, and Manager have the option of checking with Greyware's server to see if newer versions of the software are available for download. Versions of Domain Time prior to 5.2.b.20210331 have a potential vulnerability, which allows a malicious Man-At-Same-Site program's reply to sneak in before the reply from Greyware's server. This could lead an incautious user to visit a site other than Greyware to download other software masquerading as a Greyware update.

This is a highly contrived situation, which relies on luck to succeed. We have no reports of this vulnerability actually being exploited, but proof of concept testing in a lab shows it is possible.

Solution
Upgrade to the latest version of Domain Time. Version 5.2.b.20210331 and newer are not susceptible to this issue.

Mitigation
If you are unable to upgrade to the latest version of Domain Time, you may mitigate the vulnerability by doing the following:

  • By deleting the DTTRAY.EXE program.
    On Domain Time Client and Server, the check for updates function is provided by the System Tray Icon program (DTTRAY.EXE). The System Tray is not required for Domain Time to function, so you may simply choose to delete the     DTTRAY.EXE file from the \System32 folder.

  • By preventing the System Tray Icon from auto-loading.
    You may delete the following registry key.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Domain Time Tray Icon

  • By preventing the Check for Updates option from appearing on the System Tray Icon's context menu.
    If you set the following key to False, the Check for Updates function will not be available:

    HKEY_LOCAL_MACHINE\SOFTWARE\Greyware\Domain Time System Tray Icon\Allow Check for Newer Version

You can also disable automatic checking for updates by setting these registry keys to False:

  • For Domain Time Client and Server:
    HKEY_LOCAL_MACHINE\SOFTWARE\Greyware\Domain Time System Tray Icon\Check for Newer Version on Startup

  • For Domain Time Manager:
    HKEY_LOCAL_MACHINE\SOFTWARE\Greyware\Domain Time II Manager\Parameters\Check for Newer Version on Startup

Domain Time II Software distributed by Microsemi, Inc.
Documentation copyright © 1995-2024 Greyware Automation Products, Inc.
All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.