Loading
search-img
Title
HOTFIX: Vulnerabilities in installers created from InstallShield 2018 R2 due to zlib 1.2.3

Symptoms:

Vulnerabilities CVE-2016-9843, CVE-2016-9842, CVE-2016-9841, CVE-2016-9840 are generically flagged against version 1.2.8 and less of zlib. Although there is no specific tagging of zlib version 1.2.3, InstallShield has proactively upgraded the version of zlib used from 1.2.3 to 1.2.11 to avoid generic vulnerability flagging.

Diagnosis:

A few binary scans show vulnerabilities associated with a different version of zlib (Ex 1.2.2 or 1.2.8) against compressed bootstrappers(setup.exe) built out of InstallShield 2018 R2. The results are confusing since the vulnerabilities are not for version 1.2.3 and yet appear in security scans causing customers to be concerned.

Solution:

This issue is being tracked under issue #IOJ-1900586. Engineering has released a hotfix that avoids generic vulnerability flagging by upgrading the version of Zlib to 1.2.11 which has no known vulnerabilities at the time of writing this article.

Additional Information:

Below is the download link for the zlib Patch of InstallShield 2018 R2:

https://flexerasoftware.flexnetoperations.com/control/inst/AnonymousDownload?dkey=14557347

Was this helpful?
Support Hub
Product
InstallShield
Visibility
Guest
URL Name
hotfix-vulnerabilities-in-installers-created-from-installshield-2018-r2-due-to-zlib-1-2-3

Related Articles

Create a case with Support
0/255
Upload Attachment
File Upload
Maximum file size allowed is 3 MB.
File type not supported.
Supported file types:
Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)

Are you sure you want to cancel the case creation?

Are you sure you want to close this case

Get Hotline support
Products Region Phone Numbers
FlexNet Operations
FlexNet Embedded
FlexNet Publisher
FlexNet Connect
FlexNet Code Insight
InstallAnywhere
InstallShield 		North America  * +1 630-332-2513 (toll)
+1 877-279-2853 (toll-free in North America)
Europe  * +44 1925 944367 (toll)
+44 800 047 8642 (toll-free in Europe)
Japan  * +81 3-4540-5335 (select option 2)
Australia  * +61 3 9895 2177
+61 1800 560 603 (toll-free in Australia)
Usage Intelligence (formerly Revulytics)
Compliance Intelligence 		Please use the Case Portal to submit your support ticket or reach out to your Revenera contact.
Book an Appointment
File Upload
Maximum file size allowed is 3 MB.
File type not supported.
Supported file types:
Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)
+1.800.374.4353
CONTACT US REVENERA.COM FLEXERA.com
© 2026 Flexera Software. All Rights Reserved.
Privacy policy Terms and conditions Flexera Community Contact Us
Loading
HOTFIX: Vulnerabilities in installers created from InstallShield 2018 R2 due to zlib 1.2.3