Symantec names top newly discovered vulnerabilities

Powered by SC Magazine
 

Internet security company Symantec has pinpointed what it believes are the top 10 newly discovered vulnerabilities during January.

Microsoft ISA Server 2000 H.323 filter remote buffer overflow vulnerability came in as number one on the company's list. This was followed by Multiple Vendor H.323 Protocol implementation vulnerabilities, and Linux Kernel do_mremap Function Boundary Condition vulnerability.

Symantec's list of top 10 was based on a range of criteria, including the vulnerability having an impact rating of moderate-high to high and being remotely exploitable. The vulnerabilities also had to affect widely deployed and well-known technologies and have a potential for hackers to exploit them as part of a blended threat, according to a statement issued by Symantec.

Tim Hartman, systems engineer director for Asia Pacific at Symantec, told iTnews that the biggest problem was that people don't always patch their systems. He said that if organisations haven't patched, a virus may take advantage of that vulnerability. "It's really maintenance that's a big problem at the moment," Hartman said.

"When there's a new threat, like Mydoom, people pay more attention to their systems and start patching...[although] large enterprises tend to be more secure than small organisations." This was because large organisations might have a chief security officer, while smaller companies tended to focus on one project at a time, he said.

Asked by iTnews to compare the situation to a year or so ago, Hartman said that the problem was that a lot more people were coming online, and because broadband was more prevalent people were always connected. "Before, viruses travelled relatively slowly...now if [you're] permanently connected you could be infected within 20 minutes," he said.


 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  25%
TOTAL VOTES: 346

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 144

Vote