The NCCIC has released an advisory on a heap-based buffer overflow vulnerability in GE Communicator. GE Communicator version 3.15 and prior and Gigasoft, a third-party product, version 5 and prior are affected. Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. GE recommends users update to Version 4.0 or the latest available release, to mitigate this vulnerability. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.