informa
/
Announcements
Event
Beyond Passwords: New Thinking and Strategies for Authentication | January 27 Webinar | <REGISTER NOW>
Event
Securing Your APIs: What You Need to Know | January 25 Webinar | <REGISTER NOW>
Event
Beyond Spam and Phishing: Emerging Email-based Threats | January 18 Webinar | <REGISTER NOW>
PreviousNext
Risk
Commentary

Hackers Count On Unpatched Problems -- How Patched Are Yours?

The lesson of the mass-hack that tagged 70,000 Web pages over the past week is be careful what you ask for on your Web site -- and be even more careful that you're completely patched before you ask.
Keith Ferrell
Contributor
January 08, 2008
The lesson of the mass-hack that tagged 70,000 Web pages over the past week is be careful what you ask for on your Web site -- and be even more careful that you're completely patched before you ask.The evidently Chinese-launched attack targeted SQL database-driven catalog and other pages that request visitor information such as user-names.

The attack found entry through a couple of old vulnerabilities, one of them a Windows hole that's been known and patchable since September, 2006. Another entry-point was a RealPlayer vulnerability from a few months ago, also fixable with a patch. (Look here for news of a newer RealPlayer flaw.)

And therein lies the lesson -- whether your small or midsize business manages its own Web site and pages or hires their management out, insistence upon the strictest adherence to patch policies and their implementation is as essential to your business security as antivirus, firewall and other updates.

No way around this -- because the hackers clearly know their way around this.

MobileApplication Security
Recommended Reading:
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports
Webinars
More Webinars
White Papers
More White Papers
Events
More Events
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports