Dynamic Web TWAIN End-User Installers Download
Select your version of Dynamic Web TWAIN:
Version 18
End-User Installers for Version 18
Download
These installers are compatible with all minor versions within major version 18, whether you are using an earlier release or the latest one.
Upgrade Guide
Please follow the steps below to install the new Dynamsoft Service to your new and existing end-user machines. No source code change is required to your web application.
1. Download the appropriate end-user installer(s) for their operating system(s).
2. On your production server, locate the resources folder containing the Dynamic Web TWAIN service installers. Search for files with the prefix "DynamsoftServiceSetup" in the folder "/Resources/dist/" or "Resources/". Replace the old installers with the new ones. This ensures that your new end users will download the latest version from your server.
3. For your end users with the old Dynamsoft Service installed, deploy the new installer to their machines. Running this installer will automatically upgrade the client-side service.
Note: if you wish to prompt end users to manually download and install the new Dynamsoft Service, please see FAQ #1 for additional instructions.
FAQs
1. How do I prompt my end users to manually download and install the new Dynamsoft Service with security fix ?
To prompt your end users for the manual download and installation of the new Dynamsoft Service, you'll need to update the Dynamsoft Service installer's version number in the JavaScript (JS) files of your web application.
Step 1: download the latest developer SDK package, which includes both the updated Dynamsoft JS files and the new end-user installers for the Dynamsoft Service.
Step 2: replace the existing files in your project with these new ones.
Important Note: Before you replace the old JS files, it's important to compare (diff) the new and old "dynamsoft.webtwain.config.js" file. This will ensure that any custom settings you have in the old files are transferred manually to the new ones.
2. What is the security issue ?
Due to inadequate verification processes in the client-side Dynamsoft Service, there is a risk that malicious code could be executed. This vulnerability poses a potential threat to the security of end-user machines.
| Affected versions | Fix |
| Dynamsoft Service v1.8.1025-1.8.2013 in Dynamic Web TWAIN v18.0-18.4.1; | Dynamsoft Service v1.8.2014 in Dynamic Web TWAIN v18.4.2 (download link) |
| Dynamsoft Service v1.7.0330-1.7.2531 in Dynamic Web TWAIN v17.0-17.3; | Dynamsoft Service v1.7.4212 in Dynamic Web TWAIN v17.3.5 (download link) |
| Dynamsoft Service v1.6.0428-1.6.1112 in Dynamic Web TWAIN v16.0-16.2; | Dynamsoft Service v1.6.3212 in Dynamic Web TWAIN v16.2.6 (download link) |
| Dynamsoft Service v1.5.0625-1.5.3116 in Dynamic Web TWAIN v15.0-15.3.1; | Dynamsoft Service v1.5.31212 in Dynamic Web TWAIN v15.3.4 (download link) |
| Dynamsoft Service v1.4.0618-1.4.1230 in Dynamic Web TWAIN v14.0-14.3.1; | Dynamsoft Service v1.4.3212 in Dynamic Web TWAIN v14.3.3 (download link) |
| Dynamsoft Service v1.0.516-1.3.0115 in Dynamic Web TWAIN v13.0.0-13.4.1; | Dynamsoft Service v1.3.3212 in Dynamic Web TWAIN v13.4.7 (download link) |
3. Will this fix require downtime to my production environment ?
No.
To apply the security patch, you only need to re-deploy the client-side scanning service. No source code changes are needed for your web project. The process is designed to be quick and efficient, ensuring that your system is secured without significant disruption to your operations.
4. Is there any cost associated with this fix ?
As part of our commitment to your security, we are providing the security patch for your specific major version at no cost. This is to ensure that all our customers can maintain a secure environment.
Note: Our current latest version is v18.4.2. If you are using an older version, we strongly recommend planning an upgrade to v18.4.2 for enhanced browser and scanner compatibility, better security features, and improved scanning performance. For upgrading, please reach out to us at support@dynamsoft.com, and our team will assist you with the process.
5. Is there a deadline by which we need to apply this security fix ?
You have the flexibility to plan and implement the fix according to your own schedule. However, we recommend applying it as soon as feasible to ensure your system's security.
6. What measures are being taken to prevent similar issues in the future ?
We’ve taken several measures to prevent similar issues in the future, such as:
-
Conducting a thorough root cause analysis of the vulnerability and implementing corrective actions to eliminate or mitigate the risk.
-
Enhancing our security testing and quality assurance processes to detect and fix any potential vulnerabilities before releasing our software updates.
-
Providing regular security training and awareness programs to our developers and engineers to ensure they follow the best practices and standards for secure coding and design.
-
Collaborating with external security experts and researchers to conduct independent audits and reviews of our software and systems.
Collaborating with external security experts and researchers to conduct independent audits and reviews of our software and systems.
Building on this commitment, we also attained certification for O-TTPS and ISO/IEC 20243 (Self-Assessed) recently. This will further strengthen our approach to mitigating security risks in software products, specifically focusing on the integrity of software supply chains.
These certifications are part of a broader strategy to ensure robust security measures are embedded throughout our development and operational processes. We are dedicated to proactive security management, regularly reviewing and enhancing our practices to minimize future issues.
Useful Resources:
- How to check the version of Dynamic Web TWAIN?
Need help? Contact our Support Team.