IBM Security Team Patches CA Security Flaws

The vulnerabilities allow remote users to gain administrative privileges on CA's Brightstor ARCserve platform. Because the backup system is typically used to protect and recover mission critical data, IBM recommends that customers deploy the patches immediately.

A CA spokesman said his company provided patches for these vulnerabilities Thursday morning, hours before IBM's release. CA has not received any reports from customers affected by these vulnerabilities, he added.

Additional information on the security advisories for these vulnerabilities can be found at www.iss.net/threats/252.html and www.iss.net/threats/253.html.

According to IBM, its customers are proactively protected from such vulnerabilities using IBM's Virtual Patch technology, which automates patch discovery and deployment in cases like this.