TechTarget

RSA reassures users over bug fix

RSA Security has admitted that it received calls from users concerned about reports of security holes in its software.

This Article Covers

Data centre

RSA Security has admitted that it received calls from users concerned about reports of security holes in its software.

Worried customers contacted the company after reading about a flaw in RSA's ACE/Agent for Windows and ACE/Agent for Windows 2000.

RSA said the vulnerability was first found in July, adding that the problem has now been fixed. The company insisted that all its customers were notified in the correct manner. "We notify all our customers about any software problems at the same time," John Worral, RSA's director of strong authentication, told CW360.com.

Customers who contacted RSA after reading the article "must have missed these notifications", said Worral.

However, RSA could not give a reasonable explanation as to why the Computer Emergency Response Team (CERT), a US government-backed institute that monitors Net security, only sent out notification of the vulnerability this week.

The flaw in question allowed remote hackers to bypass the authentication mechanism provided by SecurID, and run programs and read files.

Worral assured CW360.com that he knew of no further problems within the RSA software. He said every effort was being taken to ensure the quality of RSA products, although, he admitted: "Bugs do slip through sometimes".

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close