Security vendor Internet Security Systems (ISS) - which describes itself as the "most trusted name in Internet security" - has been hit by a critical hole in a common component of its security software that can allow someone to run programs on a machine over the Net.
The hole relates to the way ISS's products monitor ICQ server responses. A boundary error in the PAM (Protocol Analysis Module) component, in the code that reads the SMB (Server Message Block) protocol, can be used to trigger a buffer overflow and so grant a remote attacker complete control of the machine. It doesn't get any worse than that.
The PAM component is so basic that virtually all the company's products are affected, including the commonly used BlackICE security software, plus the RealSecure and Proventia products. ISS, which was advised about the hole 10 days ago, has produced patches and upgrades for all its products and urges all customers to "immediately" download and install them. Patches etc can be found here.
The embarrassing hole was discovered by eEye, and ISS was informed of the problem on 8 March. It developed the patches by 18 March. You can read more about the hole at the eEye site here.