Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1
Opened: Jun 14, 2015 Severity: 3-Major
In security update KB3065822, Microsoft changed behavior of Internet Explorer. Now, to install F5 VPN ActiveX under current user, APM is required to be in Trusted Sites list. Installation per machine also requires APM to be in Trusted Sites list but only for Internet Explorer 9. This only applies to installation from notification bar. This notification bar is shown when user accesses the APM Virtual Server first time (that is, no F5 ActiveX is installed). Existing installations are not affected. Installation using Edge Client package is not affected as well.
A user with a clean machine may be unable to install F5 Web Components per user if APM is not in the Trusted Sites list when accessing an APM virtual Server.
The problem occurs under these conditions. 1. KB3065822 should be installed. 2. Either of these configurations require that APM be in Trusted Sites list to install F5 WebComponent (ActiveX): Internet Explorer 9 installation either per-machine or per-user; or, Internet Explorer 10 or 11 installation per-user.
To work around the problem, you can do any of the following: 1. Do not install KB3065822 or 2. Uninstall KB3065822 or 3. Add the APM virtual server to the Trusted Sites list.
None