Back up data early and often, experts warn

April rains brought more than May flowers -- they carried an onslaught of new Internet security weaknesses, according to a report issued today from the SANS Institute.

The second quarter of 2005 saw 422 new security vulnerabilities, the latest SANS Top 20 Most Critical Internet Vulnerabilities list states.

That figure is up 10.8 percent from the 381 in the first quarter of 2005 and almost 20 percent higher than the 352 found in the second quarter of 2004, SANS said.

"It is important to draw people's attention to these vulnerabilities because they could result in severe consequences if not properly resolved," said Marc Willebeek-LeMair, chief technology officer at TippingPoint, a division of 3Com that led the SANS vulnerability assessment team.

A disturbing new trend is the number of vulnerabilities in best-selling data-backup products from Veritas and Computer Associates, according to the report.

“These products have become easy targets for attackers and since they have access to substantially all data, their weaknesses cause real danger,” SANS said.

Microsoft Internet Explorer, a favorite of attackers, has many new weaknesses, the report says. The increase in popularity of open-source Mozilla and Firefox browsers have led to more new vulnerabilities in those programs, it states.

Computer users also face danger from supposedly innocuous sources as well, SANS said. New weaknesses in RealPlayer and iTunes can hand over a user’s system to outsiders, the report warns.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected