| January 20th, 2012
Sony Corporation
Sony Marketing of Japan Corporation
Sony Customer Service of Japan Corporation
Dear Valued Sony Customer,
Sony has recently identified a software vulnerability which involves a buffer overflow in the network connecting application software installed in VAIO personal computers, which have been sold during the period of June 2011 until January 2012. A security update program for this issue has been released and Sony recommends that all customers who have the affected VAIO models immediately apply the update program.
Affected software:
VAIO Easy Connect Ver.1.0.0 and Ver.1.1.0
Affected products:
VAIO personal computers on which the above software are pre-installed.
Click on a Series name in the list below to show the affected models for that Series. - CA Series
VPCCA2C5E, VPCCA2S0E/D, VPCCA2S0E/G, VPCCA2S0E/L, VPCCA2S0E/P, VPCCA2S0E/R, VPCCA2S0E/W, VPCCA2S1E/D, VPCCA2S1E/G, VPCCA2S1E/L, VPCCA2S1E/P, VPCCA2S1E/R, VPCCA2S1E/W, VPCCA2S1R/D, VPCCA2S1R/L, VPCCA2S1R/P, VPCCA2S1R/R, VPCCA2S1R/W, VPCCA2Z0E/G, VPCCA2Z0E/L, VPCCA2Z0E/P, VPCCA2Z0E/R, VPCCA2Z0E/W, VPCCA3C5E, VPCCA3E1E/D, VPCCA3E1E/G, VPCCA3E1E/L, VPCCA3E1E/P, VPCCA3E1E/R, VPCCA3E1E/W, VPCCA3S1E/D, VPCCA3S1E/G, VPCCA3S1E/L, VPCCA3S1E/P, VPCCA3S1E/R, VPCCA3S1E/W, VPCCA3S1R/D, VPCCA3S1R/L, VPCCA3S1R/P, VPCCA3S1R/R, VPCCA3S1R/W, VPCCA3X1R/BI, VPCCA3X1R/PI, VPCCA4C5E - CB Series
VPCCB2C5E, VPCCB2M0E/B, VPCCB2M1E/B, VPCCB2M1E/W, VPCCB2M8E/B, VPCCB2S1E/B, VPCCB2S1E/W, VPCCB2S1R/B, VPCCB2S8E/B, VPCCB2Z8E/B, VPCCB3C5E, VPCCB3M1E/B, VPCCB3M1E/W, VPCCB3P1E/B, VPCCB3S1E/B, VPCCB3S1E/W, VPCCB3S1R/B, VPCCB3S8E/B, VPCCB3Z8E/B - EG Series
VPCEG1S1R/B, VPCEG1S1R/P, VPCEG1S1R/W - EH Series
VPCEH1C5E, VPCEH1E1E/B, VPCEH1E1E/L, VPCEH1E1E/W, VPCEH1E1R/B, VPCEH1E1R/W, VPCEH1J1E/B, VPCEH1J1E/L, VPCEH1J1E/W, VPCEH1J8E/B, VPCEH1J8E/W, VPCEH1L0E/B, VPCEH1L0E/L, VPCEH1L0E/W, VPCEH1L1R/B, VPCEH1L1R/L, VPCEH1L1R/W, VPCEH1L8E/B, VPCEH1L8E/P, VPCEH1L8E/W, VPCEH1L9E/B, VPCEH1M0E/L, VPCEH1M1E/B, VPCEH1M1E/L, VPCEH1M1E/W, VPCEH1M1R/B, VPCEH1M1R/W, VPCEH1M8E/B, VPCEH1M8E/L, VPCEH1M8E/W, VPCEH1M9E/B, VPCEH1M9R/B, VPCEH1S0E/B, VPCEH1S0E/L, VPCEH1S0E/W, VPCEH1S1E/B, VPCEH1S1E/L, VPCEH1S1E/W, VPCEH1S1R/B, VPCEH1S1R/W, VPCEH1S8E/B, VPCEH1S8E/W, VPCEH1S9E/B, VPCEH1Z1E/B, VPCEH1Z1E/L, VPCEH1Z1R/B, VPCEH1Z8E/B, VPCEH1Z8E/L, VPCEH2A4E, VPCEH2A9E, VPCEH2A9R, VPCEH2B4E, VPCEH2B9E, VPCEH2C0E/B, VPCEH2C0E/L, VPCEH2C0E/P, VPCEH2C0E/W, VPCEH2C1E/B, VPCEH2C1E/W, VPCEH2C4E, VPCEH2C5E, VPCEH2D0E/B, VPCEH2D0E/W, VPCEH2D1E/B, VPCEH2D1E/L, VPCEH2D1E/W, VPCEH2D4E, VPCEH2E0E/B, VPCEH2E0E/W, VPCEH2E1R/B, VPCEH2E1R/W, VPCEH2E4E, VPCEH2F1E/B, VPCEH2F1E/W, VPCEH2F4E, VPCEH2G4E, VPCEH2H1E/B, VPCEH2H1E/L, VPCEH2H1E/P, VPCEH2H1E/W, VPCEH2H4E, VPCEH2J1E/B, VPCEH2J1E/L, VPCEH2J1E/W, VPCEH2J1R/B, VPCEH2J1R/L, VPCEH2J1R/W, VPCEH2J4E, VPCEH2J9R/B, VPCEH2K1E/L, VPCEH2K1E/W, VPCEH2K4E, VPCEH2L1R/B, VPCEH2L1R/W, VPCEH2L4E, VPCEH2L9E/B, VPCEH2M0E/L, VPCEH2M0E/W, VPCEH2M1E/B, VPCEH2M1E/L, VPCEH2M1E/W, VPCEH2M1R/B, VPCEH2M1R/L, VPCEH2M1R/W, VPCEH2M4E, VPCEH2M9E/B, VPCEH2N1E/B, VPCEH2N1E/L, VPCEH2N1E/P, VPCEH2N1E/W, VPCEH2P0E/B, VPCEH2P1E/B, VPCEH2P1E/W, VPCEH2Q1E/B, VPCEH2Q1E/L, VPCEH2Q1E/W, VPCEH2S1E/B, VPCEH2S1R/B, VPCEH2S9E/B, VPCEH2Z1E/B, VPCEH2Z1E/L, VPCEH3A4E, VPCEH3A4R, VPCEH3B1E/B, VPCEH3B1E/L, VPCEH3B1E/P, VPCEH3B1E/W, VPCEH3B4E, VPCEH3C0E/W, VPCEH3C4E, VPCEH3C5E, VPCEH3D0E/W, VPCEH3D4E, VPCEH3E0E/B, VPCEH3E0E/L, VPCEH3E0E/P, VPCEH3E0E/W, VPCEH3F1E/B, VPCEH3F1E/W, VPCEH3F1R/B, VPCEH3F1R/W, VPCEH3G1E/B, VPCEH3H1E/B, VPCEH3H1E/L, VPCEH3H1E/P, VPCEH3H1E/W, VPCEH3J1E/B, VPCEH3J1E/W, VPCEH3J1R/B, VPCEH3J1R/L, VPCEH3J1R/W, VPCEH3K1E/B, VPCEH3K1E/L, VPCEH3K1E/W, VPCEH3L1E/B, VPCEH3L1E/W, VPCEH3M1E/B, VPCEH3M1E/W, VPCEH3M1R/B, VPCEH3M1R/W, VPCEH3N1E/B, VPCEH3N1E/L, VPCEH3N1E/P, VPCEH3N1E/W, VPCEH3N6E/B, VPCEH3N6E/W, VPCEH3P1E/B, VPCEH3P1E/L, VPCEH3P1E/W, VPCEH3P1R/B, VPCEH3P1R/W, VPCEH3Q1E/B, VPCEH3Q1E/W, VPCEH3S1E/B, VPCEH3S1E/W, VPCEH3S1R/B, VPCEH3S6E/W, VPCEH3S8E/B, VPCEH3S8E/L, VPCEH3S8E/W, VPCEH3T9E/B, VPCEH3U1E/B, VPCEH3V8E/B, VPCEH3V8E/W, VPCEH3Z1E/B - EJ Series
VPCEJ1C5E, VPCEJ1E1E/B, VPCEJ1E1E/W, VPCEJ1E1R/W, VPCEJ1J1E/B, VPCEJ1J1E/W, VPCEJ1L1E/B, VPCEJ1L1E/W, VPCEJ1L1R/W, VPCEJ1M1E/B, VPCEJ1M1E/W, VPCEJ1M1R/B, VPCEJ1M9E/B, VPCEJ1S1E/B, VPCEJ1Z1E/B, VPCEJ1Z1E/W, VPCEJ2A4E, VPCEJ2A9E, VPCEJ2A9R, VPCEJ2B1E/B, VPCEJ2B4E, VPCEJ2B9E, VPCEJ2C4E, VPCEJ2C5E, VPCEJ2D1E/B, VPCEJ2E1E/B, VPCEJ2E1E/W, VPCEJ2J1E/B, VPCEJ2J1E/W, VPCEJ2L1E/B, VPCEJ2L1E/W, VPCEJ2L1R/W, VPCEJ2M1E/B, VPCEJ2M1E/W, VPCEJ2M1R/W, VPCEJ2S1E/B, VPCEJ2S1R/B, VPCEJ2S9E/B, VPCEJ2Z1E/B, VPCEJ3A4E, VPCEJ3A4R, VPCEJ3B1E/B, VPCEJ3B1E/W, VPCEJ3B4E, VPCEJ3C4E, VPCEJ3C5E, VPCEJ3D1E/B, VPCEJ3D1E/W, VPCEJ3D4E, VPCEJ3E1E/B, VPCEJ3J1E/W, VPCEJ3K1E/B, VPCEJ3K1E/W, VPCEJ3L1E/B, VPCEJ3L1E/W, VPCEJ3L1R/W, VPCEJ3M1E/B, VPCEJ3M1E/W, VPCEJ3M1R/W, VPCEJ3N1E/B, VPCEJ3Q1E/B, VPCEJ3S1E/B, VPCEJ3S1R/B, VPCEJ3T1E/B, VPCEJ3Z1E/B - EK Series
VPCEK2S1R/B, VPCEK2S1R/W, VPCEK3S1R/B, VPCEK3S1R/W - EL Series
VPCEL1E1E/B, VPCEL1E1E/W, VPCEL1E1R/B, VPCEL1E1R/W, VPCEL2S1E/B, VPCEL2S1E/W, VPCEL2S1R/B, VPCEL2S1R/W, VPCEL3S1E/B, VPCEL3S1E/W, VPCEL3S1R/B, VPCEL3S1R/W, - F2 Series
VPCF22C5E, VPCF22E1R/B, VPCF22J1E/B, VPCF22L1E/B, VPCF22M0E/B, VPCF22M1E/B, VPCF22M1R/B, VPCF22S1E/B, VPCF22S1R/B, VPCF22S8E/B, VPCF23A9E, VPCF23A9R, VPCF23B9E, VPCF23C5E, VPCF23K1E/B, VPCF23L1E/B, VPCF23M1E/B, VPCF23M1R/B, VPCF23N1E/B, VPCF23P1E/B, VPCF23Q1E/B, VPCF23S1E/B, VPCF23S1R/B, VPCF23X1R/BI, VPCF23Z1E/BI, VPCF23Z1R/BI, VPCF24A4E, VPCF24A4R, VPCF24B4E, VPCF24C4E, VPCF24C5E, VPCF24D4E - J2 Series
VPCJ21L0E/B, VPCJ21L8E/B, VPCJ21M1E/B, VPCJ21M9E/B, VPCJ21S1E/B, VPCJ21S1R/B, VPCJ23M9E/B - L2 Series
VPCL22K1E/B, VPCL22S1E/B, VPCL22S1R/B, VPCL22V1E/B, VPCL22Z1E/B, VPCL22Z1R/B - SA Series
VPCSA2A7E, VPCSA2A7R, VPCSA2B7E, VPCSA2B7R, VPCSA2C5E, VPCSA2C7E, VPCSA2D7E, VPCSA2E7E, VPCSA2F7E, VPCSA2G7E, VPCSA2H7E, VPCSA2S9R/BI, VPCSA2V9R/BI, VPCSA2Z9E/BI, VPCSA2Z9R/BI, VPCSA2Z9R/T, VPCSA3A9E, VPCSA3B9E, VPCSA3J1E/XI, VPCSA3L9E/XI, VPCSA3M9E/XI, VPCSA3N9E/XI, VPCSA3Q9E/XI, VPCSA3S9E/XI, VPCSA3S9R/XI, VPCSA3T9E/XI, VPCSA3V9E/XI, VPCSA3X9E/XI, VPCSA3X9R/XI, VPCSA3Z9E/XI, VPCSA3Z9R/T, VPCSA3Z9R/XI, VPCSA4A4E, VPCSA4B4E, VPCSA4C5E - SB Series
VPCSB2A7E, VPCSB2A7R, VPCSB2B7E, VPCSB2B7R, VPCSB2C5E, VPCSB2C7E, VPCSB2D7E, VPCSB2E7E, VPCSB2F7E, VPCSB2G7E, VPCSB2H7E, VPCSB2J9E/P, VPCSB2J9E/W, VPCSB2L1E/S, VPCSB2L1E/W, VPCSB2L1R/L, VPCSB2L1R/P, VPCSB2L1R/W, VPCSB2M9E/B, VPCSB2M9E/S, VPCSB2P9E/B, VPCSB2S9E/B, VPCSB2S9E/W, VPCSB2V9E/B, VPCSB2X9R/B, VPCSB2X9R/S, VPCSB2Z9R/B, VPCSB3A9E, VPCSB3A9R, VPCSB3B9E, VPCSB3C5E, VPCSB3L9E/R, VPCSB3L9E/S, VPCSB3L9E/W, VPCSB3M1R/L, VPCSB3M1R/P, VPCSB3M1R/R, VPCSB3M1R/W, VPCSB3M9E/B, VPCSB3M9E/S, VPCSB3N9E/B, VPCSB3N9E/S, VPCSB3Q9E/P, VPCSB3Q9E/S, VPCSB3Q9E/W, VPCSB3S9E/B, VPCSB3T9E/R, VPCSB3V9E/B, VPCSB3V9R/B, VPCSB3V9R/S, VPCSB3X9E/B, VPCSB3Z9E/B, VPCSB3Z9R/B, VPCSB4A4E, VPCSB4A4R, VPCSB4B4E, VPCSB4C5E - SE Series
VPCSE1A9E, VPCSE1A9R, VPCSE1B9E, VPCSE1C5E, VPCSE1C9E, VPCSE1D9E, VPCSE1E1E/S, VPCSE1J1E/S, VPCSE1L1E/S, VPCSE1M1E/S, VPCSE1S9E/B, VPCSE1V9E/B, VPCSE1V9R/B, VPCSE1X1R/B, VPCSE1X9E/S, VPCSE1Z9E/B, VPCSE1Z9R/B, VPCSE2A4E, VPCSE2A4R, VPCSE2B4E, VPCSE2C4E, VPCSE2C5E, VPCSE2D4E - YB Series
VPCYB2L1R/B, VPCYB2L1R/G, VPCYB2L1R/P, VPCYB2L1R/S, VPCYB2M1E/G, VPCYB2M1E/P, VPCYB2M1E/S, VPCYB3Q1R/B, VPCYB3Q1R/G, VPCYB3Q1R/P, VPCYB3Q1R/S, VPCYB3V1E/G, VPCYB3V1E/P, VPCYB3V1E/S - Z2 Series
VPCZ21A7E, VPCZ21A7R, VPCZ21A9E/B, VPCZ21B7E, VPCZ21B7R, VPCZ21C5E, VPCZ21C7E, VPCZ21D7E, VPCZ21E7E, VPCZ21F7E, VPCZ21G7E, VPCZ21H7E, VPCZ21L9E/B, VPCZ21M9E/B, VPCZ21Q9E/B, VPCZ21S9E/B, VPCZ21V9E/B, VPCZ21V9R/X, VPCZ21X9E/B, VPCZ21X9R/B, VPCZ21X9R/N, VPCZ21Z9R/X, VPCZ23A4E, VPCZ23A4R, VPCZ23B4E, VPCZ23C4E, VPCZ23C5E, VPCZ23D4E Potential influence
The vulnerability could potentially allow an arbitrary code to run on the affected products when browsing to a web-site made by a malicious attacker.
Solution
Sony has released an update program for the affected software that resolves this issue. All subject customers with affected products are recommended to immediately upgrade to the newest version of the application by using VAIO Update (the update will be automatically installed if VAIO Update is running with default settings) or by downloading and installing the update program manually.
How can you check if your computer uses a vulnerable version of VAIO Easy Connect?
- Click Start, type VAIO Easy Connect and press Enter.
![[Image: Windows Start menu with typed text VAIO Easy Connect and matching search result]](https://www.sony.com/articleimage/servlet/servlet.FileDownload?file=0155F000006buYoQAI)
- Right-click the title bar and select About VAIO Easy Connect
![[image: VAIO Easy connect window with context menu of the title bar]](https://www.sony.com/articleimage/servlet/servlet.FileDownload?file=0155F000006bte1QAA)
- If the Version number starts with 1.0.0 or 1.1.0 an update is required.
Download and install the VAIO Easy Connect Security update program.
![[image: VAIO easy connect about window with version information]](https://www.sony.com/articleimage/servlet/servlet.FileDownload?file=0155F000006buf5QAA)
Contact Window
In case of further questions, please contact Sony Support.
Acknowledgments
Sony would like to thank High-Tech Bridge SA Security Research Lab for reporting the relevant issues and working with Sony to help protect our customers. |
