印象笔记产品安全更新

印象笔记致力于为全球数亿用户提高工作效率。保护用户的数据安全和隐私是我们的职责所在。我们会持续进行产品测试,提高安全性能,修复已知问题。

你可以在此处查看我们最近修复的安全问题。我们会在新版本出现关于安全方面的更新时发布在这里。(请注意:此处将发布 2015年3月1日之后的更新,在此日期之前的问题修复将不再发布。)

实时了解安全补丁最新动向,请到此页查看或参照我们的应用更新说明。

印象笔记 Mac版

问题 ID

描述

已修复版本

MACOSNOTE-12400 Added a prompt before opening any file:// URIs. 印象笔记 for Mac 6.6
MACOSNOTE-18729 Improved NSConnection usage with NSProtocolChecker to protect the cross application IPC channel. 印象笔记 for Mac 6.3

印象笔记 Windows 版

问题 ID

描述

已修复版本

WINNOTE-15870 Fixed a potential stored cross site scripting (XSS) issue on Google Drive integration. 印象笔记 for Windows 6.4
WINNOTE-15637, WINNOTE-8970 Fixed DLL hijacking/preloading vulnerabilities on installer and other binaries. 印象笔记 for Windows 6.3
WINNOTE-14610 Delete the local data in the original folder when the local folder configuration is changed. 印象笔记 for Windows 6.1.2
WINNOTE-13340, WINNOTE-13475, WINNOTE-13472 Fixed several stored XSS (cross-site scripting) issues in activity view and other web views. 印象笔记 for Windows 5.9.5
WINNOTE-8997 Added a warning to users before openning local files. 印象笔记 for Windows 5.8.11
CE-735 Fixed a stored XSS (cross-site scripting) issue in Related Context by properly rendering the context note snippet. 印象笔记 for Windows 5.8.4

适用于 iOS 的印象笔记

问题 ID

描述

已修复版本

IOSNOTE-28074 Fixed a PIN lock bypass issue. 印象笔记 for iOS 8.2
IOSNOTE-22342 Updated the keychain items accessibility attribute in iTunes/iCloud backups. 印象笔记 for iOS 7.14
IOSNOTE-19688, CP-3280 Fixed the WebViews that disables same-origin policy using file:// URLs. 印象笔记 for iOS 7.7.7
IOSNOTE-19338 Upgraded vulnerable SDWebImage library to 3.7.2. 印象笔记 for iOS 7.7.2

印象笔记 Android 版

问题 ID

描述

已修复版本

DRDNOTE-24142 Fixed a PIN lock bruteforcing issue. 印象笔记 for Android 7.9.9
DRDNOTE-23054 Fixed a potential stored cross site scripting (XSS) issue on Google Drive integration. 印象笔记 for Android 7.9.5
DRDNOTE-20794,DRDNOTE-22660 Fixed a PIN lock bypass issue. 印象笔记 for Android 7.9.4
DRDNOTE-20842 Fixed an issue that some WebView could ignore SSL certificate errors in debug/internal builds. 印象笔记 for Android 7.6
DRDNOTE-9500, DRDNOTE-11183 Move notes stored in SD card to internal memory. 印象笔记 for Android 7.0.7

印象笔记 BlackBerry 版

问题 ID

描述

已修复版本

EFB-1836 Fixed an issue that PIN lock can be bypassed. 印象笔记 for BlackBerry 5.6.2

剪藏 6 Chrome 版

问题 ID

描述

已修复版本

CC-2561 Fixed a potential cross site scripting (XSS) issue while clipping from a malicious site. 剪藏 6 for Chrome 6.9.2
CC-1729 Fixed a potential HTML injection issue through the extension's login page. 剪藏 6 for Chrome 6.7
CC-1693 Fixed a potential stored cross site scripting (XSS) issue in releated search results. 剪藏 6 for Chrome 6.6

剪藏 6 Safari 版

问题 ID

描述

已修复版本

SAFARICLIP-992 Fixed a potential stored cross site scripting (XSS) issue in releated search results. 剪藏 6 for Safari 6.7

印象笔记·墨笔 iOS版

问题 ID

描述

已修复版本

IOSPENULT-4056 Updated adonit SDK to fetch all web content through HTTPS. 印象笔记·墨笔 for iPad 6.2

印象笔记·食记 iOS 版

问题 ID

描述

已修复版本

IOSFOOD-4320 Upgraded vulnerable SDWebImage library to 3.7.2. 印象笔记·食记 for iOS 2.5.1
  We have ended support for this product and will not be providing any future security updates. September 30, 2015

印象笔记·圈点 iOS版

问题 ID

描述

已修复版本

  We have ended support for this product and will not be providing any future security updates. January 22, 2016

印象笔记·圈点安卓版

问题 ID

描述

已修复版本

  We have ended support for this product and will not be providing any future security updates. January 22, 2016

印象笔记·圈点 Touch Windows 版

问题 ID

描述

已修复版本

  We have ended support for this product and will not be providing any future security updates. January 22, 2016

印象笔记·圈点 Windows 版

问题 ID

描述

已修复版本

  We have ended support for this product and will not be providing any future security updates. January 22, 2016

印象笔记·悦读

问题 ID

描述

已修复版本

  We have ended support for this product and will not be providing any future security updates. January 22, 2016

印象笔记 Pebble 版

问题 ID

描述

已修复版本

  We have ended support for this product and will not be providing any future security updates. January 22, 2016