Six critical vulnerabilities have been found in IBM's Lotus Notes that could allow attackers to take over corporate systems.
Internet security researcher Secunia said the bugs were “highly critical”, saying that some of the flaws could create buffer overflows, allowing remote attackers to compromise corporate systems.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Some of the other vulnerabilities can be exploited if users simply view malicious e-mails, while others require users to open attachments or extract compressed files attached to a message.
Several versions of Lotus Notes are at risk, including 7.0 and 6.5.4, admitted IBM. Updating Notes to 6.5.5 or 7.0.1 will solve the problem, the company said.
“Users are strongly urged to use caution when opening or viewing unsolicited file attachments,” said IBM.
The Lotus Notes platform was also affected by a number security bugs last month. These allowed remote attackers to launch denial-of-service attacks to crash corporate systems.
Lotus Notes competes against Microsoft’s Outlook e-mail client.