SAS Security Bulletins

Part of our commitment to meeting or exceeding customer expectations.

To keep you informed about any suspected or confirmed security issues, SAS publishes security bulletins as part of our formal Product Security Incident Response Team (PSIRT) process. To report a suspected security issue, please open a track with SAS Technical Support.

SAS delivers security fixes as part of the hot fix process. Please note that hot fixes for each product component are cumulative and may include functionality fixes in addition to security fixes. Security Statements describe the hot fixes needed to address specific vulnerabilities, and other hot fixes may contain security fixes recommended for other issues or products.

Security Bulletins

OpenSSL Security advisories (January 25, 2017)

Phishing for access to SAS Systems (November 21, 2016)

Java Deserialization vulnerability (October 18, 2016)

Drown vulnerability (August 12, 2016)

FREAK & SKIP-TLS vulnerabilities (related to OpenSSL) (May 3, 2016)

GHOST Vulnerability (March 31, 2015)

Daily Report Emails (November 13, 2014)

POODLE SSL (October 28, 2014)

Bash Vulnerability (October 16, 2014)

Notice to SAS Migration Utility Users (October 8, 2014)

Heartbleed (related to OpenSSL) (April 17, 2014)

Java 7 Updates

SAS continues to use and support a Java 7 JRE for SAS 9.4 deployments. See SAS Third-Party Software Requirements – Java 7 Updates for details. The most recent update to the SAS Private JRE is available from the Downloads application.

SAS Note 56203 documents the following Java 7 updates:

  • Java 7 update 1.7.0_131 (January 2017)
  • Java 7 update 1.7.0_121 (October 2016)
  • Java 7 update 1.7.0_111 (July 2016)
  • Java 7 update 1.7.0_101 (April 2016)
  • Java 7 update 1.7.0_91 (October 2015)
  • Java 7 update 1.7.0_85 (July 2015)

Expand Your Knowledge

SAS Administrator Training Icon

SAS Administrator
Training

Explore our training options – from on-site classroom, to live web, to e-learning, to one-on-one mentoring.

SAS Administrator Certification Icon

SAS Administrator
Certification

Validate your SAS knowledge and skills by earning a globally recognized credential from SAS.

SAS Administrator Books Icon

SAS Administrator
Books

Browse books by subject-matter experts and thought leaders on a plethora of topics of interest to SAS software users.

Back to Top