To install the update simply select ‘Check for Updates’ from inside the IDE or visit download the most recent version.
If you are using the listed version or a higher one, then you need to update. A: We are not aware of similar vulnerabilities in older versions.
Built-in web server was introduced in December 2012 (branch 129.x), and the above-mentioned and fixed internal RPC vulnerabilities did not exist in older versions.
Still, a possibility of vulnerabilities in older versions exists, which is why we recommend upgrading your IDE if it was released more than 3 years ago. A: Re Sharper, Re Sharper C++, dot Cover, dot Memory, dot Trace, dot Peek, Team City, You Track, Upsource and Hub are not affected and do not need this security update. A: Make sure to merge the latest changes from the corresponding branch of intellij-community: the “129”, “131”, .. “145.*” builds correspondingly and “master” for the “146.*” or “162.*” builds.) For details please contact [email protected] the partner team at [email protected] any questions or concerns.
Q: I need a full download rather than a patch for an earlier version of the IDE. A: Check the previous versions page for your product below. A: Please contact us about the problems that prevent you from updating. Q: I’m using an IDE built on Intelli J Platform but not from Jet Brains. A: We have been in contact with our partners building on Intelli J Platform.
We have just released an important update for all Intelli J-based IDEs.
This update addresses critical security vulnerabilities inside the underlying Intelli J Platform.
The vulnerabilities, in various forms, are also present in older versions of the IDEs; therefore, patches for those are also available.
While we have had no reports of any active attacks against these vulnerabilities, we strongly recommend for all users to install the update as soon as possible.
Please read more on the issues and ways to update below.