Third-party apps now a top vulnerability, says security expert

News

Third-party apps now a top vulnerability, says security expert

Warwick Ashford

Attacks on third-party applications have become a major threat to enterprise information security, says security firm NGS Secure of the NCC Group.

This is a well-established attack vector, as shown by the latest exploits of another zero-day vulnerability in Adobe's Reader and Acrobat software, said Paul Vlissidis, technical director at NGS Secure.

"It points to what is now a major threat area; vulnerabilities in third-party products that people have on their desktops," he said.

Operating system suppliers all have reasonably effective patching regimes, said Vlissidis, but it now falls to businesses to also check that all their other software is fully patched at all times.

"For corporate users, it underlines the need to have tight controls over all software products running across business networks," he said.

This is especially important, said Vlissidis, for software that has access to the internet either directly, or via plug-ins supporting browsers and e-mail attachments.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
 

COMMENTS powered by Disqus  //  Commenting policy