Security updates: Critical malicious code vulnerabilities threaten IBM software
Attackers could gain full control over PC systems with, among other things, IBM Business Process Manager or IBM Data Replication.
IBM software admins should act now and install the available security patches. Several gaps are with the threat level “critical“. If attackers successfully exploit vulnerabilities, this can have far-reaching consequences for companies.
The gaps in IBM Data Replication, Business Process Manager and Business Automation Workflow are considered particularly dangerous. Here, remote attackers could attack systems via crafted queries and end up executing their own code. If something like this works, the system is usually considered to be completely compromised. See the alerts linked below this message for information on the versions protected against such attacks.
Most of the remaining vulnerabilities are associated with “medium” classified. Attackers could start there for DoS attacks, for example.