TechTarget

Third-party apps now a top vulnerability, says security expert

Attacks on third-party applications have become a major threat to enterprise information security, says security firm NGS Secure of the NCC Group.

Attacks on third-party applications have become a major threat to enterprise information security, says security firm NGS Secure of the NCC Group.

This is a well-established attack vector, as shown by the latest exploits of another zero-day vulnerability in Adobe's Reader and Acrobat software, said Paul Vlissidis, technical director at NGS Secure.

"It points to what is now a major threat area; vulnerabilities in third-party products that people have on their desktops," he said.

Operating system suppliers all have reasonably effective patching regimes, said Vlissidis, but it now falls to businesses to also check that all their other software is fully patched at all times.

"For corporate users, it underlines the need to have tight controls over all software products running across business networks," he said.

This is especially important, said Vlissidis, for software that has access to the internet either directly, or via plug-ins supporting browsers and e-mail attachments.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close