Don't leave holes in your patching policies

Tuesday, 16 December 2003, 3:50 PM EST

If the IT industry was subject to the same restrictions as the car industry, the number of equipment recalls would be so huge that many companies would go out of business.

Bugs are an inevitable problem in a sector where companies are driven by shareholders to rush out equipment before it is ready. From a security perspective, this presents users with a huge problem. Empirical evidence suggests that the average device - whether it is a perimeter network resource such as a firewall or router, or a core device such as a server - has more holes in it than a piece of Gruyere.

One of the rarest but most devastating security vulnerabilities in host computers is the buffer overflow error, said Gary Jones, professional services manager of security consultancy MIS Corporate Defence Solutions.

Simply bombarding user-facing memory space with data can cause data to overrun pre-allocated memory, forcing the input into an executable part of the memory. Hackers can use this to run code of their own and possibly gain control of the system.

[ Read more ]

Related items




Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //