Symantec names top newly discovered vulnerabilities

Powered by SC Magazine
 

Internet security company Symantec has pinpointed what it believes are the top 10 newly discovered vulnerabilities during January.

Microsoft ISA Server 2000 H.323 filter remote buffer overflow vulnerability came in as number one on the company's list. This was followed by Multiple Vendor H.323 Protocol implementation vulnerabilities, and Linux Kernel do_mremap Function Boundary Condition vulnerability.

Symantec's list of top 10 was based on a range of criteria, including the vulnerability having an impact rating of moderate-high to high and being remotely exploitable. The vulnerabilities also had to affect widely deployed and well-known technologies and have a potential for hackers to exploit them as part of a blended threat, according to a statement issued by Symantec.

Tim Hartman, systems engineer director for Asia Pacific at Symantec, told iTnews that the biggest problem was that people don't always patch their systems. He said that if organisations haven't patched, a virus may take advantage of that vulnerability. "It's really maintenance that's a big problem at the moment," Hartman said.

"When there's a new threat, like Mydoom, people pay more attention to their systems and start patching...[although] large enterprises tend to be more secure than small organisations." This was because large organisations might have a chief security officer, while smaller companies tended to focus on one project at a time, he said.

Asked by iTnews to compare the situation to a year or so ago, Hartman said that the problem was that a lot more people were coming online, and because broadband was more prevalent people were always connected. "Before, viruses travelled relatively slowly...now if [you're] permanently connected you could be infected within 20 minutes," he said.


 
 
 
Top Stories
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
ATO investigates 25 tech giants in tax hunt
Prepared to take tax evaders to court.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3037

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 966

Vote