A security vulnerability has been discovered in the software (Apache Tika) used by SPSS Modeler to process files such as PDFs. This affects SPSS Modeler versions 18.3 through 19.0. The vulnerability is not in your analyses or data, but in the background software used to read files.
IBM has provided a security update for this issue: a so-called Interim Fix. It is important that you download and install this Interim Fix.
Why is this important?
Without this fix, a vulnerability remains in the software that could potentially be exploited, for example via specially crafted PDF files. In the worst case, an attacker could access sensitive information or perform unintended actions.
IBM has confirmed these security issues and provided an update for each affected SPSS Modeler version. There is no workaround other than installing the fix. More information can be found in the official IBM Security Bulletin.
What should you do?
- Check which version of SPSS Modeler you're using.
- Download and install the correct security fix for your version. You can find the download links and instructions in our manual.
- Follow the steps in our manual.
No longer using SPSS Modeler?
If you no longer use SPSS Modeler, you can fully uninstall the program from your computer. This will also remove the vulnerable software, and installing the fix will no longer be necessary.