Third-party apps now a top vulnerability, says security expert

News

Third-party apps now a top vulnerability, says security expert

Warwick Ashford

Attacks on third-party applications have become a major threat to enterprise information security, says security firm NGS Secure of the NCC Group.

This is a well-established attack vector, as shown by the latest exploits of another zero-day vulnerability in Adobe's Reader and Acrobat software, said Paul Vlissidis, technical director at NGS Secure.

"It points to what is now a major threat area; vulnerabilities in third-party products that people have on their desktops," he said.

Operating system suppliers all have reasonably effective patching regimes, said Vlissidis, but it now falls to businesses to also check that all their other software is fully patched at all times.

"For corporate users, it underlines the need to have tight controls over all software products running across business networks," he said.

This is especially important, said Vlissidis, for software that has access to the internet either directly, or via plug-ins supporting browsers and e-mail attachments.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy