Cleo VLTrader/Lexicom

Need Help Applying These Steps or Have Been Breached? Reach out to ReliBiz for Reliable IT Services www.ReliBiz.com



12/9/24 Vulnerability Mitigation Steps


The Steps for both VLTrader and Lexicom are Identical except for the file path.

WHEN MAKING ANY CHANGE YOU MUST RESTART THE LEXICOM/VLTRADER SERVICE. IF YOU CLEAR A BREACHED FILE, IT REMAINS IN MEMORY UNTIL YOU RESTART THE SERVICE.

Check Version


  1. Open C:\LexiCom\LexiCom.exe or C:\VLTrader\VLTrader.exe

  2. Click Help > About





  3. Ensure the Version is 5.8.0.21 or better



  4. Click Close




Update

If your version is 5.8.0.21+, skip to “Change AutoRun Folder”.

  1. Click Tools and then Software Update





  2. If the information in the Contact section is incorrect or blank, fill it out and then click Reregister (and then Check Registration, and then Register). If it is already filled out, skip to step 3.





  3. Click Check for Update





  4. Follow the prompts. If you are upgrading from another 5.8.0.0 revision, see Appendix A below for guidance. If you are upgrading from an earlier version, you will likely need to go through a separate installation process.

    If you are upgrading from another 5.8.0.0 revision, follow these steps:

    1. Click Save



    2. Accept the Terms and then Click Continue



    3. Click Okay



    4. Click Okay (again)






  5. After you have completed the install process, press Windows + R and type
    services.msc






  6. Look for Lexicom or VL Trader, right-click on it, and then click Restart




  7. Check the Version Again

  8. Repeat this process until you See Version 5.8.0.21

IT IS VERY IMPORTANT THAT YOU REPEAT THIS UNTIL YOU SEE VERSION 5.8.0.21. MAJOR REVISIONS WILL NOT INSTALL THE LATEST 5.8 VERSION!


Change AutoRun Folder


  1. Open Lexicom/VLTrader if it’s not already open

  2. Click Configure and then Options



  3. Click the Other tab

  4. Change the Autorun Directory to Autorun-DummyFolder\

    THIS DIRECTORY MUST NOT EXIST!

  5. Click in any Other White Space on the Tab

  6. Click OK





Set Folders and Files to Read Only

  1. Navigate to C:\Lexicom or C:\VLTrader

  2. Right Click on Auto Run

  3. Click Properties

  4. Click the “Read-Only” Box Until it is a Check Mark


  5. Click Okay




  1. Navigate to C:\LexiCom\webserver\AjaxSwing\conf\templates\default-page or C:\VLTrader\webserver\AjaxSwing\conf\templates\default-page

  2. Highlight the body-footer, body-footerVL, Body-header, and body-headerVL files. (Press and hold CTRL while clicking files to select multiple files.)

  3. Right click on any of the files you have selected

  4. Click the Read-Only Box Until it is Checked

  5. Click Ok





Detecting a Breach


  1. Navigate to C:\Lexicom\host or C:\VLTrader\host

  2. If you see a file named with a GUID string (e.g. 60282967-dc91-40ef-a34c-38e992509c2c.xml), this indicates a breach.



  3. Search all XML files in this directory for the word “Powershell” or “Bash”, and in some cases “cmd”. If you see any of these, this indicates a breach.

    OPEN THE FILES IN A TEXT EDITOR ONLY. DO NOT LAUNCH THEM IN A WEB BROWSER.
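
The host-directory checks in steps 1 to 3 above can be run as a single read-only pass. The PowerShell script below is an added example, not part of the original guide or of Cleo's tooling; the -HostDir parameter, the GUID file-name pattern, and the whole-word match on cmd are assumptions made for the example.

```powershell
# Added example, not from the original guide: read-only triage of the host directory.
param(
    # Default paths are the ones named in the guide; -HostDir is this script's own parameter.
    [string[]]$HostDir = @('C:\LexiCom\host', 'C:\VLTrader\host')
)

# A file name that is a bare GUID plus .xml, like the example in step 2.
$guidName = '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\.xml$'
# Words from step 3; "cmd" is matched as a whole word (assumption) to reduce noise.
$keywords = 'powershell', 'bash', '\bcmd\b'

$findings = foreach ($dir in $HostDir) {
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Warning "Directory not found, skipped: $dir"
        continue
    }
    foreach ($file in Get-ChildItem -LiteralPath $dir -Filter *.xml -File) {
        # -match is case-insensitive, so upper-case GUIDs are caught as well.
        if ($file.Name -match $guidName) {
            [pscustomobject]@{
                File = $file.FullName; Modified = $file.LastWriteTime
                Reason = 'GUID file name'; Line = $null; Text = $null
            }
        }
        # Select-String reads the file as text; nothing is executed or rendered.
        foreach ($hit in Select-String -LiteralPath $file.FullName -Pattern $keywords) {
            $text = $hit.Line.Trim()
            [pscustomobject]@{
                File = $file.FullName; Modified = $file.LastWriteTime
                Reason = "keyword '$($hit.Matches[0].Value)'"; Line = $hit.LineNumber
                # Matching lines can be very long, so show only the start.
                Text = $text.Substring(0, [Math]::Min(120, $text.Length))
            }
        }
    }
}

if ($findings) {
    $findings | Sort-Object File, Line | Format-List
    Write-Warning "$(@($findings).Count) indicator(s) found; review each file in a text editor."
} else {
    Write-Output 'No GUID-named XML files or keyword hits in the directories scanned.'
}
```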



Then Navigate to

C:\LexiCom\webserver\AjaxSwing\conf\templates\default-page or

C:\VLTrader\webserver\AjaxSwing\conf\templates\default-page

OPEN THESE FILES IN A TEXT EDITOR ONLY (Notepad, Notepad++, etc.).

  Compare the files that start with body to the examples below