Download This Special Report

Sunday, February 12, 2006

VARs News: Lotus Notes Susceptible to Bugs

Big Blue and security advisors announced to the public on February 10 that six critical bugs that could impact the VARs world significantly have been identified in IBM’s Lotus Notes. They claim that the weaknesses could allow hackers to break into and attack corporate networks if not addressed.

The bugs were discovered by a Danish tracking company Secunia, and have been labeled as “highly critical.” The firm stated that some of these imperfections created buffer overflows, which is the only gateway needed for hackers to get into systems and start entering their own codes. Some of the half dozen bugs can transmit dangerous information merely if a user opens a malicious email, while others require attachments to be opened in order to inflict harm.

Several Lotus Notes versions, including 6.5.4 and 7.0 displayed these bugs, which can be fixed simply by updating to version 6.5.5 or 7.0.1. IBM recommended to users that they be particularly vigilant about not opening suspicious emails or file attachments, even from familiar or known senders. IBM offered quick fixes for some Lotus Notes clients unable to immediately patch the problem, but required other administrators to disable many DLLs.

The last bugs to show themselves in Lotus Notes were in late January. It was at this point that IBM first announced that the email system and its client could be at risk for DoS strikes.

Blogged By: Computer Consulting 101