Linux Today: Linux News On Internet Time.

More on LinuxToday

The Hidden Security Risks of Legacy Software

Jun 11, 2012, 14:00 (0 Talkback[s])

Sometimes there is no security patch available to directly modify and harden a legacy product. But a so-called “virtual patch” can address a known vulnerability upstream of the insecure application itself. For example, legacy database products can be vulnerable to SQL injection attacks – when a query sent to the database sneaks in syntax which tricks the database into modifying or revealing otherwise protected data. A virtual patch could consist of rules in a firewall packet inspector or web server which look for and detect SQL injection syntax and block the request before it ever reaches the vulnerable legacy product.

Complete Story

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.