NEWS A trio of loopholes found in Big Blue's Lotus Notes and Domino application server could have severe safety repercussions, according to US-based security research firm Rapid7. "The impact of these vulnerabilities range from denial of service to potentially gaining full remote control of the Domino server," Rapid7 said in a statement. "In some situations, crashing the Domino server can also lead to corruption of Lotus Notes databases, including names and address books," the company added. Rapid7 is urging systems administrators to upgrade their Lotus Notes software to rectify these flaws, which affects several versions of the product. Users of R5.0.11 or earlier are advised to upgrade to R5.0.12, a fixed version which was released by IBM two weeks ago. Customers using the pre-release versions of Lotus Notes R6 are also affected, and are advised to switch to the newer R6.0.1. While Rapid7 first issued the security warning last week, the company will only release full details of these vulnerabilities later today. This is to give system administrators time to fix their systems, the company said. The practice to delay the full disclosure of such security information is not unusual. Security firms typically do this to prevent malicious users from exploiting the known vulnerabilities before end users are able to apply the patches. This is not the first security alarm bell sounded for the software giant's Lotus Notes and Domino server platforms. Last month, UK-based security consultant Next Generation Security Software also highlighted similar flaws which allow hackers to run malicious code on computers running IBM's Lotus Domino or iNotes software. When contacted, an IBM spokesman said the fixes for these vulnerabilities have been thoroughly tested and distributed to its customers via maintenance releases such as R6.0.1 and R5.0.12. "To date, none of our customers have expressed any concern over this," said Erik Elzerman, director of software for IBM ASEAN and South Asia. Lotus support downloads are available from IBM's website. Winston Chai writes for CNET Asia
IBM in triple security alert
Problems with Notes and Domino
Post your comment
In order to post a comment you need to be registered and logged in.
You can also log in with Facebook. Log in or create your silicon.com account below
Get silicon.com's daily newsletter
-
Enter your email to register
Featured white papers
-
CIO challenges: Bringing your iPad to work
The arrival of personal technology in the office is a challenge for all organisations. The technology is here, but not...
-
2012 Olympics: Is your business prepared?
Athletes prepare for all kinds of conditions and problems in competition. With the London-hosted Olympics fast...
-
10 safety tips for business in 2012
Remember 2011? It seems like so long ago, with the speed of IT moving faster all the time. Data keeps growing, social...
Keep in touch with silicon.com
-
Connect with silicon.com on Facebook
Discuss the news of the day with the silicon.com team
-
Follow silicon.com on Twitter
Get regular updates from the silicon.com editors
-
Join the silicon.com LinkedIn networking group
Network with your peers and share expertise
Latest jobs
-
Managing Director - NBA3045
Managing Director – Cash and Transit Salary: £95K - £140K Basic, Bonus, Pension Scheme, Family...
-
Managing Director - NBA3045
Managing Director – Cash and Transit Salary: £95K - £140K Basic, Bonus, Pension Scheme, Family...
-
Managing Director - NBA3045
Managing Director – Cash and Transit Salary: £95K - £140K Basic, Bonus, Pension Scheme, Family...
silicon.com newsletters
-
Stay up to date with silicon.com newsletters
Keep up with the latest news and analysis from silicon.com with our free email newsletters
