Found: remote code execution vulnerabilities dating back years in numerous popular applications. Some of these are common libraries utilized in countless applications. This means these vulnerable libraries will continue to leave countless applications vulnerable for years to come. First, each product utilizing the vulnerable library must update their code to make use of the patched library. Second, an update to the product with the new library must be made available. by the vendor. Third, people making use products which include a vulnerable library must update the product with the patch.
A company with proper security measures in place should already have tools in place to mitigate unknown exploits, tools in place to virtually patch the software, and tools in place which report on vulnerable installations allowing one to further harden against attacks as new attack vectors become public knowledge. Multi-layered security is a must. -- Edwin Davidson
No comments:
Post a Comment