EmEditor icon

EmEditor v14.5.4 released!

In response to the hacking incident on the other day, we decided to disable the update checker until we can confirm the safety of our server and the Update Checker. We strongly recommend this update to all EmEditor users.

For safety of customers, we removed update configuration files in our server. Therefore the Update Checker on older versions of EmEditor will not be available anymore. If you try to check updates from older versions, you will see the prompt message: “Invalid or missing updates configuration file. …”. This is not a bug. Please download and update to the newest version of EmEditor by clicking here.

Updates from v14.5.3 include:

Features Removed

  • The Update Checker features were disabled. The Check for Updates and Customize Update Checker commands were removed or disabled.

Enhancements

Bug Fixes

Please see EmEditor v14 New Features.

Download EmEditor v14 Now.

Thank you for using EmEditor.

See also

Possible malware attack by EmEditor Update Checker

Dear EmEditor user,

We have found malicious files were placed in a subfolder of the EmEditor website, and we estimate these files were placed by a hacker between 6:36 am and 11:20 am on August 18th in the Pacific Daylight Time (USA and Canada), or between 1:36 pm and 6:20 pm on August 18th in the UTC. If a user uses EmEditor Update Checker from one of certain IP addresses, a malicious program, not EmEditor, might have been installed. The IP addresses are:

For the following list, * represents any number between 0 and 255. All 256 numbers between 0 and 255 are IP addresses in question.

12.44.85.*
12.189.27.*
12.233.153.*
42.147.69.*
49.101.250.*
61.211.224.*
63.119.133.*
64.102.249.*
64.235.145.*
64.235.151.*
66.129.241.*
77.248.69.*
86.111.221.*
106.139.26.*
106.188.131.*
114.160.192.*
118.103.17.*
118.238.0.*
124.248.207.*
133.6.1.*
133.6.91.*
133.6.94.*
133.56.0.*
133.74.211.*
133.173.2.*
150.26.82.*
173.36.196.*
173.38.209.*
182.162.60.*
188.111.86.*
194.98.194.*
198.135.0.*
199.167.55.*
203.104.128.*
203.180.164.*
204.15.64.*
209.97.118.*
210.17.188.*
210.172.128.*
210.174.36.*
210.224.179.*
216.228.150.*
219.195.174.*

For the following list, # represents a number between 0 and 255, but only one number represents the IP address in question. To protect users’ privacy, the actual IP address is hidden by #. If your IP address is included in this list, please contact us at jp@emurasoft.com with your IP address, and we will let you know your IP address is included.

12.234.38.#
61.202.251.#
101.110.12.#
101.110.14.#
101.110.15.#
101.111.185.#
108.28.100.#
117.103.185.#
118.159.230.#
118.159.235.#
124.85.138.#
126.205.203.#
133.6.76.#
153.163.255.#
180.0.96.#
180.6.227.#
202.7.107.#
202.62.253.#
206.13.28.#
210.148.24.#
210.164.30.# (2 IP addresses)
210.169.198.#
210.175.75.#
210.233.113.#
210.237.143.#
211.7.234.#

If your IP address is included in any of the above lists, and if you use the Update Checker of EmEditor during the above time frame, there is a possibility that your computer might have been infected by a virus. If so, please use anti-virus software to clean your computer.

To check your IP address, please go to www.google.com, enter “My IP”.

Currently, our server hosting company is scanning the whole website. As soon as the scan is completed, we plan to resolve the issue completely by all means.

We will keep you informed of our progress. If we cannot get access to our website, we might use Twitter, Google+, or Facebook to make announcements.

We apologize for any inconveniences that this situation might have caused you.

 

Website scans were completed and all websites are clean

Our website scans were completed, and all our websites were clean, including all of our foreign language EmEditor websites as well as Emurasoft Customer Center. This means this English website was not affected by this case.

Nevertheless, as a precaution, we recommend changing your password if you have an account in one of our sites, and please do not share the same password with Emurasoft Customer Center or any other websites.

To prevent future hacker attacks, we have tightened our security level. We no longer accept new members automatically. If you are not a member yet, and if you would like to join our forums, please contact us.

Once again, we apologize for any inconveniences.

Thank you for using EmEditor!

EmEditor foreign language websites attacked by hackers

Dear EmEditor user,

On August 12th, 2014, we discovered traces of malicious code in our Japanese EmEditor home page and Simplified Chinese EmEditor home page. Because of this, we temporarily stopped our websites, and we have been checking and cleaning up the sites. In the Japanese site, there were traces where usernames, passwords, and IP addresses of users might have been compromised.

If you have an account in the Japanese site, it is strongly recommended that you change your password. To change the password, please go to the Forums page and log into your account. After signing in, you will see a menu bar showing at the top of the webpage. Go to the top right corner of the webpage that shows your username and in the drop-down menu click “Edit My Profile” .

Currently, there is no evidence that other language sites including this English site was compromised, and there is no evidence that Emurasoft Customer Center was compromised. However, as a precaution, we strongly recommend changing your password if you have an account in these sites. If you share the same password with other websites, we also recommend changing your passwords with those sites.

We apologize for any inconveniences that this situation might have caused you. We are still scanning other language home pages. We will keep you updated if there are any progresses. Thank you.