Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Delay in vBulleting Vulnerability Patch Puts Online Communities At Risk

Lumension Security : 26 July, 2010  (Technical Article)
Lumension comments on the delays in fixing vulnerabilities in online discussion group software which has had a serious security flaw identified
Reports of a serious flaw in vBulletin software that is widely used to power online discussion groups is leaving personal data held on these websites exposed, as the websites look into applying the patch.

Alan Bentley, SVP International, at vulnerability management expert, Lumension comments:

"The two-day delay by the social media sites to apply the vBulletin patch is not unusual. While a fix often addresses a serious vulnerability that could disrupt a business or website, blindly rushing out a patch when it is released could cause more harm than good. Companies need to understand exactly what machines in their environment are affected and then ensure that the fix will not conflict with the configuration.

"Un-patched systems are one of the easiest attack vectors to execute due to the inability of companies to react quickly enough. Whilst the vulnerability is still active, social media users need to check that their conversations and personal data have not been tampered with. On the other side, website owners have a responsibility to have a robust mechanism of dealing with specific "serious" vulnerabilities and of course rely on trust mechanisms to protect their systems from attack whilst they are vulnerable.

"The web has become a social playground - with people around the world logging on and interacting via hundreds of different networks and forums on a daily basis. Whilst they provide a playground for some, these networks are also providing a hotbed for hackers looking to harvest personal data for malicious gain. The worrying thing in this case, is that the attack is not sophisticated and can be done in just a few clicks."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo