Security product flaws are magnet for attackers
The software vulnerability exploited by last week’s Witty worm is only the latest in a growing list of flaws being discovered in the very products users invest in to safeguard their systems. “This is a new realm of risk that users must confront: the security of security products,” said Andrew Plato, president of Anitian Enterprise Security, a systems integration and consulting firm in the US. The Witty worm, which was reported to have damaged 15,000 to 20,000 computers worldwide, took advantage of a flaw involving the BlackIce and RealSecure intrusion-prevention products from Internet Security Systems. The worm wrote random data onto the hard discs of vulnerable systems, causing the drives to fail and making it impossible for users to start up the systems. Full Story