IBM Security Team Patches CA Security Flaws

IBM says it's released a fix for a vulnerability in a CA backup and recovery server. NWC's IT Analyst says such flaws can open enterprises to trouble.

January 12, 2007

2 Min Read
Network Computing logo

IBM said today its Internet Security Systems (ISS) team uncovered and issued patches to fix two critical vulnerabilities in a CA's small business backup and recovery system.

The vulnerabilities allow remote users to gain administrative privileges on CA's Brightstor ARCserve platform. Because the backup system is typically used to protect and recover mission critical data, IBM recommends that customers deploy the patches immediately.

A CA spokesman said his company provided patches for these vulnerabilities Thursday morning, hours before IBM's release. CA has not received any reports from customers affected by these vulnerabilities, he added.

Additional information on the security advisories for these vulnerabilities can be found at www.iss.net/threats/252.html and www.iss.net/threats/253.html.According to IBM, its customers are proactively protected from such vulnerabilities using IBM's Virtual Patch technology, which automates patch discovery and deployment in cases like this.


SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights