RSA reassures users over bug fix

RSA Security has admitted that it received calls from users concerned about reports of security holes in its software.

This Article Covers

Data centre

RSA Security has admitted that it received calls from users concerned about reports of security holes in its software.

Worried customers contacted the company after reading about a flaw in RSA's ACE/Agent for Windows and ACE/Agent for Windows 2000.

RSA said the vulnerability was first found in July, adding that the problem has now been fixed. The company insisted that all its customers were notified in the correct manner. "We notify all our customers about any software problems at the same time," John Worral, RSA's director of strong authentication, told CW360.com.

Customers who contacted RSA after reading the article "must have missed these notifications", said Worral.

However, RSA could not give a reasonable explanation as to why the Computer Emergency Response Team (CERT), a US government-backed institute that monitors Net security, only sent out notification of the vulnerability this week.

The flaw in question allowed remote hackers to bypass the authentication mechanism provided by SecurID, and run programs and read files.

Worral assured CW360.com that he knew of no further problems within the RSA software. He said every effort was being taken to ensure the quality of RSA products, although, he admitted: "Bugs do slip through sometimes".

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Data centre hardware

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close