Monday, July 18, 2005

Holes in Kerberos Authentication Threaten Mission-Critical Unix Enterprise Systems

Kerberos, the popular authentication protocol developed by the Massachusetts Institute of Technology, is vulnerable to three serious flaws that could allow an attacker to gain access to protected corporate networks, MIT researchers disclosed late on Tuesday. Unix variants such as Solaris and Apple Computer Inc.'s Mac OS X, and Linux distributions such as Red Hat and Gentoo all contain the affected code. Windows also uses a version of Kerberos, but it doesn't contain the flaw.

The big-iron Unix boxes from HP, IBM, and Sun -- plus everybody's x86 servers running Red Hat Linux AS -- are particularly exposed to the Kerberos security flaws because Kerberos is often at the heart of authenticating user log-ins. Thus, enterprise IT professionals would be well advised to install the Kerberos patches to Unix as soon as they become available. The reason for alacrity is that the bad-guy hackers, now alerted to the vulnerabilities, will concentrate on this new avenue into the computer systems of global enterprises, governments, and educational institutions.

The workload for the fixes includes patching hundreds of thousands of Unix servers, which will undoubtedly have to be taken out of 24 x 7 service and rebooted for the changes to take effect.
