ARD - Need to remove remediate VC++ dll files with security vulnerabilities
Article ID: 189120
CA Agile Requirements Designer
Our security team has flagged our ARD 188.8.131.52 system as being at risk for a security vulnerability. The cause of the security failure, is the msvcr100.dll, which is used by Microsoft Visual C++ 2010. Are there any requirements or dependencies that ARD 184.108.40.206 has related to Visual C++ 2010. We need assistance in removing or remediating this issue.
Release : 220.127.116.11
Component : CA Agile Requirements Designer
The DLL in question is the msvcr100.dll, which is a Microsoft Visual C++ 2010 dll. The dll version 10.0.30319 is the base Microsoft Visual C++ 2010 Redistributed installation; the 10.0.40219 release is from the Microsoft Visual C++ 2010 Redistributed Service Pack 1 installation.
I check our ARD Product Development team, and they confirmed that ARD 18.104.22.168 Studio doesn't have any requirements for Visual C++ 2010. However, we do require the NET Framework 4.5, and Visual C++ 2017 Redistributable x64 (14.10.25008 or higher) be installed for the ARD Studio to properly function.
You can safely uninstall Visual C++ 2010 from the ARD system, as long as the .NET Framework and Visual C++ 2017 installations are intact.