On Tuesday, August 13, Microsoft released critical security patches for Windows. According to release notes and further media by Microsoft, the patches are needed to protect from a remote code execution (RCE) vulnerability and should be applied as soon as possible. These vulnerabilities allow an attacker to run arbitrary programs on a computer, without needing physical access to it. We agree with Microsoft’s assessment, the patches are essential to maintain a secure computing environment.
Unfortunately, the patch breaks application functionality for some third-party applications, including those by Blackbaud. Some vendors have recommended not installing or uninstalling the patches to restore application function, we would encourage ignoring the recommendation. All systems on a network will be at risk if the patch is not installed and an exploit is produced to take advantage of the patched vulnerability.
If impacted by the patch, please let the Upic Answer Center and the application vendor know. There’s no ideal option in this situation, but we’d err towards being secure and helping you raise the concern to the software vendors for resolution instead of accepting the significant risk of not following Microsoft’s recommendation.