Experts warn of null pointer flaws

By

Recently discovered Flash vulnerabilities indicate that 'null pointer' security flaws could quickly evolve into "the next big thing in hacking exploits "..


Security vendor Tier-3 warned that null pointer security flaws are exploitable and could quickly replace buffer overflows as the next big threat.

A 'null pointer' is a link in software code that points to an empty location in computer memory.

Geoff Sweeney, chief executive at Tier-3, said: "Buffer overflows are still an issue, but they are a problem that has been tackled by the industry for many years.

"Null pointer de-referencing has not received anywhere near the same level of attention, which means that users need to be more vigilant than ever."

Sweeney added that computer users could face problems if a reliable exploit approach for null pointer de-referencing can be harnessed.

Organisations and home users will need to be on alert as their infrastructure is already under constant threat, particularly when the affected software is as pervasive as Adobe's Flash.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
expertsflawsofsecuritywarn

Sponsored Whitepapers

Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape

Events

Most Read Articles

First npm worm "Shai-Hulud" released in supply chain attack

First npm worm "Shai-Hulud" released in supply chain attack
Actor auth tokens gave Global Admin access across Azure Entra ID tenants

Actor auth tokens gave Global Admin access across Azure Entra ID tenants
"VoidProxy" PhishKit targets Google and Microsoft users

"VoidProxy" PhishKit targets Google and Microsoft users
NSW gov third party-linked cyber incidents quadruple in two years

NSW gov third party-linked cyber incidents quadruple in two years
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?