In the Cisco 2016 Midyear Cybersecurity Report, we shared data about attacks against server-side systems. In 2017, middleware, the software layer that connects platforms or applications, is poised to attract attackers seeking places to operate where defenders are slow to react or to recognize a threat.
Cisco researchers, while looking for vulnerabilities in third-party software, discovered an average of 14 new vulnerabilities per month. Most of those vulnerabilities (62 in all) were attributable to the use of middleware. Of those 62 vulnerabilities, 20 were found in code that handles PDFs; 12 in code that handles images; 10 in code for common office productivity formats; nine in code for compression; and 11 in other libraries (Figure 41).
Vulnerabilities in middleware pose a distinct security threat because these libraries are usually not updated as rapidly as client-facing software, that is, software users interact with directly on a day-to-day basis, such as productivity applications. Middleware libraries are often bundled inside a product rather than installed on their own, so they may be left out of software inventories and audits, and known vulnerabilities remain in place long after a fix exists upstream.
Organizations may gamble on middleware being safe and concentrate their patching effort on high-profile applications. But they can lose the bet that adversaries won't seek entry to networks through these low-profile pathways. Middleware thus becomes a security blind spot for defenders and an opportunity for attackers.
The challenge of updating middleware libraries closely relates to the open-source software problem (discussed in the Cisco 2015 Midyear Security Report), since many middleware components come from open-source projects. (The problem at hand can affect both open-source and proprietary middleware, however.) Keeping such a library current therefore depends on a chain of parties: the upstream developers who publish the fix, the vendors of every product that bundles the library, and finally the organization that deploys those products. On the list of tasks that an overtaxed IT or security team needs to manage, middleware library updates may not be a top priority, but they should be given greater attention.
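The practical first step toward closing the audit gap described above is to treat bundled middleware as part of the software inventory and compare each bundled version against the version that carries the fix. The following Python script is an added example, not code from Cisco or from the report; the product inventory, the library names (pdfparse, imgcodec, zpack, xlsxreader) and the advisory entries are all constructed for illustration and describe no real product or real vulnerability. It shows the one piece of logic such an audit has to get right, version comparison including pre-release builds, and groups the findings by the same component classes the report uses (PDF, image, office, compression).

```python
"""Audit bundled middleware against a list of fixed-version advisories.

Added example. The inventory, library names and advisory entries below are
constructed for illustration and do not describe real products or real
vulnerabilities.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Advisory:
    library: str     # bundled middleware library (hypothetical names below)
    fixed_in: str    # first version that carries the fix
    component: str   # class of middleware: pdf, image, office, compression


def parse_version(text):
    """Turn '1.2.11', 'v2.0' or '1.9.2-rc1' into a comparable tuple.

    Numeric parts are padded so that 1.2 == 1.2.0.0, and a pre-release
    suffix (alpha/beta/rc) sorts before the bare release it precedes.
    """
    m = re.match(r"^v?(\d+(?:\.\d+)*)(?:[-.]?(rc|beta|alpha)(\d*))?$",
                 text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums += (0,) * (4 - len(nums))
    if m.group(2):
        rank = {"alpha": 0, "beta": 1, "rc": 2}[m.group(2).lower()]
        pre = (0, rank, int(m.group(3) or 0))   # pre-release: sorts first
    else:
        pre = (1, 0, 0)                          # final release
    return nums + pre


def is_outdated(installed, fixed_in):
    """True when the bundled version predates the version that has the fix."""
    return parse_version(installed) < parse_version(fixed_in)


def audit(inventory, advisories):
    """Return (product, library, installed, fixed_in, component) for every
    bundled library older than an advisory's fixed version."""
    by_lib = {}
    for adv in advisories:
        by_lib.setdefault(adv.library.lower(), []).append(adv)
    findings = []
    for product, libs in inventory.items():
        for lib, version in libs.items():
            for adv in by_lib.get(lib.lower(), []):
                if is_outdated(version, adv.fixed_in):
                    findings.append((product, lib, version, adv.fixed_in,
                                     adv.component))
    return findings


def count_by_component(findings):
    """Tally findings by middleware class, mirroring the report's breakdown."""
    counts = {}
    for _, _, _, _, component in findings:
        counts[component] = counts.get(component, 0) + 1
    return counts


# Constructed inventory: which middleware each (hypothetical) product bundles.
INVENTORY = {
    "DocViewer":   {"pdfparse": "3.1.0", "imgcodec": "1.9.2-rc1", "zpack": "1.2.8"},
    "MailGateway": {"zpack": "1.2.3", "xlsxreader": "1.0.0"},
}

# Constructed advisories: first fixed version per hypothetical library.
ADVISORIES = [
    Advisory("pdfparse",   "3.2.0", "pdf"),
    Advisory("imgcodec",   "1.9.2", "image"),
    Advisory("zpack",      "1.2.8", "compression"),
    Advisory("xlsxreader", "0.9.0", "office"),
]

if __name__ == "__main__":
    for product, lib, have, need, component in audit(INVENTORY, ADVISORIES):
        print(f"{product}: {lib} {have} < {need} ({component})")
    print(count_by_component(audit(INVENTORY, ADVISORIES)))
```

Note that the release-candidate build of imgcodec is reported even though its numeric part equals the fixed version; a naive string comparison would miss it, and that is exactly the kind of bundled build that slips through a product-level audit. In practice the inventory would be generated from a software bill of materials or from version strings extracted from the shipped binaries, and the advisory list would come from a vulnerability feed rather than being hand-written.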