How to Access Downloads

If you are a customer in need of JAVS Viewer 8 downloads, please visit support.javs.com or contact [email protected] (1.877.528.7457).

Customers in need of software downloads for other JAVS Suite 8 Software (AutoLog, MRA, Scheduler, Publisher, etc.) or any JAVS hardware downloads, please contact [email protected] (1.877.528.7457).

Security Notice: JAVS Viewer Software (Version 8.3.7)

Earlier this year, JAVS was the target of a cyber security incident in which perpetrators downloaded a version of our Viewer 8.3.7 installer from our public downloads page.  The perpetrators added a malicious backdoor code to the installer, and then placed their corrupted version of Viewer 8.3.7 installer back on our public downloads page where it was available to be downloaded by visitors to our site under the name “JAVS.Viewer8.Setup_8.3.7.250-1.exe.”

We were made aware of the incident on May 15, 2024, by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).  Immediately upon being informed of the incident, JAVS removed all downloadable files from our website and took additional steps to secure our systems.  We also launched an investigation with CISA, the FBI, and are working with cybersecurity experts to address the issue and strengthen our systems to prevent incidents like this from occurring in the future.

Customers with a current JAVS service agreement typically have our service technicians install and update files from our secure portal.  These customers’ systems should be unaffected. Only customers who self-downloaded the compromised installer package from www.javs.com/downloads could be impacted.

We have been working to contact all JAVS customers to share information about the incident and, as needed, provide instructions and support on securing their systems. Some important notes:

  • Numerous valid and uninfected installations of our Viewer 8.3.7.250 software DO exist.
  • Only installations of Viewer 8.3.7.250 downloaded using the compromised “JAVS.Viewer8.Setup_8.3.7.250-1.exe digitally signed by Vanguard Tech Limited” are likely to be infected. This file was only available briefly (less than a month) before it was removed.
  • Just looking at the version of Viewer on a machine does not indicate that the computer is infected. The only way to verify an infection is a file called fffmpeg.exe (three f’s) in the Viewer 8 directory. The file ffmpeg.exe (two f’s) is valid and not infected.
  • Only computers running Viewer 8.3.7.250 with the triple f file are infected.

Since learning of the breach, we have taken several critical steps to improve our policies and systems:

  • Removed all downloadable files from our www.javs.com website.
    • Future software requests will be handled by our internal help desk team, who will provide secure links to known valid software.
    • Our downloads page now features instructions to contact the help desk for software.
  • Scanned all files and confirmed no internal JAVS infections.
  • Scanned all source code and confirmed no other infected installations.
  • Only one installer – JAVS.Viewer8.Setup_8.3.7.250-1.exe – was impacted.
  • Added additional security to our public website and contracted with a cybersecurity firm.
  • Moved our public website DNS hosting to Cloudflare for additional domain security.

What You Should Do:

  • Check computers running Viewer 8.3.7.250 for the triple “f” file - fffmeg.exe. If the malicious file is found or detected, we recommend a full re-image of the PC and a reset of any credentials.
  • Upgrade JAVS Viewer Software: We strongly recommend that all users of JAVS Viewer software upgrade to the latest version (Version 8.3.9 or higher.)

The information we currently have available indicates that the cyber security incident has impacted a very small number of our customers. That said, the security of our systems and our customers' systems is of the utmost importance.  Thank you for your continued commitment to our customers.

 

The Justice AV Solutions Security Team