Don't leave holes in your patching policies

Tuesday, 16 December 2003, 3:50 PM EST

If the IT industry was subject to the same restrictions as the car industry, the number of equipment recalls would be so huge that many companies would go out of business.

Bugs are an inevitable problem in a sector where companies are driven by shareholders to rush out equipment before it is ready. From a security perspective, this presents users with a huge problem. Empirical evidence suggests that the average device - whether it is a perimeter network resource such as a firewall or router, or a core device such as a server - has more holes in it than a piece of Gruyere.

One of the rarest but most devastating security vulnerabilities in host computers is the buffer overflow error, said Gary Jones, professional services manager of security consultancy MIS Corporate Defence Solutions.

Simply bombarding user-facing memory space with data can cause data to overrun pre-allocated memory, forcing the input into an executable part of the memory. Hackers can use this to run code of their own and possibly gain control of the system.

[ Read more ]

Related items




Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //