Headsetup and Headsetup Pro have been updated to remedy a potential security threat.
Installing the latest versions of the software will eliminate any vulnerability. As of an update on 23 November, the latest software versions are as follows:
Headsetup Pro v.2.6.8235
Headsetup: v.8.1.6114 (PC) and v. 5.3.7011 (MAC)
For users with previous version installed:
To remove the affected certificates from one individual computer – Please download the script.
After running the script with administrative privileges, the risk of Sennheiser certificates being subject for misuse will be eliminated. The file also includes a description on how users can manually verify that certificates are removed.
For business users, it is advised to use the AD/GPO process instead.
Download this pdf Step-by-Step guide for how to move the affected Sennheiser certificates to the untrusted certificate Active Directory (AD) – Group Policy (GPO)
This will eliminate the risk of Sennheiser certificates being subject for misuse.
As deinstallation of the software “HeadSetup” alone does not resolve the situation, we recommend that also customers remove the vulnerable ceritificates, who no longer actively use the add-on software.
All users may contact Sennheiser Communications for support: firstname.lastname@example.org or at +45 2943 1569 (9.00-18.00 CET)