安全概述-印象笔记产品安全更新 | 印象笔记

安全概述

安全概述企业专属安全保障用户安全提示提交安全问题 印象笔记产品安全更新

印象笔记产品安全更新

印象笔记致力于为全球数亿用户提高工作效率。保护用户的数据安全和隐私是我们的职责所在。我们会持续进行产品测试，提高安全性能，修复已知问题。你可以在此处查看我们最近修复的安全问题。我们会在新版本出现关于安全方面的更新时发布在这里。（请注意：此处将发布 2015年3月1日之后的更新，在此日期之前的问题修复将不再发布。）实时了解安全补丁最新动向，请到此页查看或参照我们的应用更新说明。

印象笔记 Mac版

问题 ID	描述	已修复版本
MAC-832	Fixed a stored cross site scripting (XSS) issue in Markdown.	印象笔记 for Mac 8.3.2
MACOSNOTE-12400	Added a prompt before opening any file:// URIs.	印象笔记 for Mac 6.6
MACOSNOTE-18729	Improved NSConnection usage with NSProtocolChecker to protect the cross application IPC channel.	印象笔记 for Mac 6.3

印象笔记 Windows 版

问题 ID	描述	已修复版本
WEBFRONT-4479	Fixed a stored cross site scripting (XSS) issue in Markdown.	印象笔记 for Windows 6.22.12 Beta
WINDOWS-684	Fixed a stored cross site scripting (XSS) issue in Markdown.	印象笔记 for Windows 6.15.12
WWINNOTE-19568, WINNOTE-19620	Fixed a stored cross site scripting (XSS) issue in rendering attachment filenames.	印象笔记 for Windows 6.15.6
WINNOTE-19299	Fixed an issue in versions 6.4 – 6.7 where the app would send authentication tokens over HTTP when contacting certain portions of the Evernote Service. The vulnerability did not affect note content, usernames, or passwords and those continued to be securely encrypted in transit.	印象笔记 for Windows versions 6.7.6 (Hotfix) and 6.8.6 (First GA release)
WINNOTE-15870	Fixed a potential stored cross site scripting (XSS) issue on Google Drive integration.	印象笔记 for Windows 6.4
WINNOTE-15637, WINNOTE-8970	Fixed DLL hijacking/preloading vulnerabilities on installer and other binaries.	印象笔记 for Windows 6.3
WINNOTE-14610	Delete the local data in the original folder when the local folder configuration is changed.	印象笔记 for Windows 6.1.2
WINNOTE-13340, WINNOTE-13475, WINNOTE-13472	Fixed several stored XSS (cross-site scripting) issues in activity view and other web views.	印象笔记 for Windows 5.9.5
WINNOTE-8997	Added a warning to users before openning local files.	印象笔记 for Windows 5.8.11
CE-735	Fixed a stored XSS (cross-site scripting) issue in Related Context by properly rendering the context note snippet.	印象笔记 for Windows 5.8.4

适用于 iOS 的印象笔记

问题 ID	描述	已修复版本
IOSNOTE-28074	Fixed a PIN lock bypass issue.	印象笔记 for iOS 8.2
IOSNOTE-22342	Updated the keychain items accessibility attribute in iTunes/iCloud backups.	印象笔记 for iOS 7.14
IOSNOTE-19688, CP-3280	Fixed the WebViews that disables same-origin policy using file:// URLs.	印象笔记 for iOS 7.7.7
IOSNOTE-19338	Upgraded vulnerable SDWebImage library to 3.7.2.	印象笔记 for iOS 7.7.2

印象笔记 Android 版

问题 ID	描述	已修复版本
DRDNOTE-24142	Fixed a PIN lock bruteforcing issue.	印象笔记 for Android 7.9.9
DRDNOTE-23054	Fixed a potential stored cross site scripting (XSS) issue on Google Drive integration.	印象笔记 for Android 7.9.5
DRDNOTE-20794,DRDNOTE-22660	Fixed a PIN lock bypass issue.	印象笔记 for Android 7.9.4
DRDNOTE-20842	Fixed an issue that some WebView could ignore SSL certificate errors in debug/internal builds.	印象笔记 for Android 7.6
DRDNOTE-9500, DRDNOTE-11183	Move notes stored in SD card to internal memory.	印象笔记 for Android 7.0.7

印象笔记 BlackBerry 版

问题 ID	描述	已修复版本
EFB-1836	Fixed an issue that PIN lock can be bypassed.	印象笔记 for BlackBerry 5.6.2

剪藏 6 Chrome 版

问题 ID	描述	已修复版本
CC-2561	Fixed a potential cross site scripting (XSS) issue while clipping from a malicious site.	剪藏 6 for Chrome 6.9.2
CC-1729	Fixed a potential HTML injection issue through the extension’s login page.	剪藏 6 for Chrome 6.7
CC-1693	Fixed a potential stored cross site scripting (XSS) issue in releated search results.	剪藏 6 for Chrome 6.6

剪藏 6 Safari 版

问题 ID	描述	已修复版本
SAFARICLIP-992	Fixed a potential stored cross site scripting (XSS) issue in releated search results.	剪藏 6 for Safari 6.7

印象笔记·墨笔 iOS版

问题 ID	描述	已修复版本
IOSPENULT-4056	Updated adonit SDK to fetch all web content through HTTPS.	印象笔记·墨笔 for iPad 6.2

印象笔记·食记 iOS 版

问题 ID	描述	已修复版本
IOSFOOD-4320	Upgraded vulnerable SDWebImage library to 3.7.2.	印象笔记·食记 for iOS 2.5.1
	We have ended support for this product and will not be providing any future security updates.	September 30, 2015

印象笔记·圈点 iOS版

问题 ID	描述	已修复版本
	We have ended support for this product and will not be providing any future security updates.	January 22, 2016

印象笔记·圈点安卓版

问题 ID	描述	已修复版本
	We have ended support for this product and will not be providing any future security updates.	January 22, 2016

印象笔记·圈点 Touch Windows 版

问题 ID	描述	已修复版本
	We have ended support for this product and will not be providing any future security updates.	January 22, 2016

印象笔记·圈点 Windows 版

问题 ID	描述	已修复版本
	We have ended support for this product and will not be providing any future security updates.	January 22, 2016

印象笔记·悦读

问题 ID	描述	已修复版本
	We have ended support for this product and will not be providing any future security updates.	January 22, 2016

印象笔记 Pebble 版

问题 ID	描述	已修复版本
	We have ended support for this product and will not be providing any future security updates.	January 22, 2016