|
December 11, 2007
Dear Accounting Professional,
We view accounting professionals as trusted allies in serving our QuickBooks users and as important customers who use our products in their firms. Therefore, we are notifying you that we have identified, and created a solution for, a potential security vulnerability in some of our Windows-based tax, consumer and small business software.
The risk involves AnswerWorks software, which is licensed from Vantage and developed on Microsoft’s ActiveX platform. It’s used in the “Help” feature of some of Intuit’s products.
We know of no cases where someone has taken advantage of this vulnerability. However, if exploited, it could allow a hacker to access the data on your computer. Downloading the update below will eliminate this vulnerability, so it’s important for every customer to install the update.
What You and Your Clients Should Do
1. If you or your clients have ever installed any of the Intuit products listed below on your computer, download and install Intuit’s patch at Intuit.com/support/security/, which will immediately eliminate the vulnerability. The patch is approximately 1MB and should download in about 20 seconds on broadband connections.
2. As a further precaution, this patch is scheduled to be released as part of Microsoft’s next Windows Security Update planned for Dec 11. Of course, downloading Intuit’s patch is the most immediate way to eliminate the vulnerability.
If asked by your clients, please recommend they install the Intuit update at Intuit.com/support/security/. Note that we’re in the process of communicating the update instructions to all customers through our product Web sites.
Which Products Are Affected?
The vulnerability involves code that’s part of the “Help” function in the following Windows-based Intuit products:
• QuickBooks (all versions) – 2005-2007
• QuickBooks: Premier Accountant Edition – 2005-2007
• ProSeries (all versions) – 2003-2006
• Innovative Merchant Solutions QuickBooks Credit Card Processing Kit and Invoice Manager (all versions)
• Quicken (all versions) – 2008
• TurboTax (all versions) – 2003-2006
Note that Lacerte software is not affected by this issue
Only one security and maintenance update required. If you have more than one of the Intuit products listed above on your computer, one download of the Intuit update will protect all versions and years of the Intuit products.
Impact on Help Feature in Prior-Year Versions
Reinstalling a prior- year version of any of these products after downloading the patch could affect the “Help” function in some products. If this happens, simply re-run the Intuit update.
Further Information
For detailed information, see the information on intuit.com/support/security/. If you need more information, contact either the QuickBooks or ProSeries technical support teams.
Thank you for your assistance,
Jill Ward, Vice President and General Manager, Intuit Accounting Professionals Division
| ![[There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not.]](http://www.sbslinks.com/images/headertop.png "There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not!")