IT Solutions | IT Products | IT Partner
Call Today +353 1 8733588

Archive for the ‘Servers’ Category

OpenSSL warns of another high severity flaw

Following on from the heartbleed bug a few months ago OpenSSL Project plans to release security updates Thursday, 9 July for its widely used cryptographic library that will fix another high severity vulnerability.

OpenSSL implements multiple cryptographic protocols and algorithms including Transport Layer Security (TLS), which underpins encryption on the Web as part of protocols such as HTTP Secure (HTTPS), Internet Message Access Protocol Secure (IMAPS) and Simple Mail Transfer Protocol Secure (SMTPS).

The project did not say which part of the library is affected, but high severity flaws in OpenSSL are usually a big deal, especially if they impact TLS.

OpenSSL is used by a large number of applications and systems, from Web servers to embedded devices, some of which can take a long time to patch.

Months after the critical Heartbleed vulnerability was announced in OpenSSL last year, hardware and software vendors were still identifying affected products and were releasing updates.

According to the OpenSSL Project’s security policy, the flaws that are flagged as high severity affect common configurations and are likely to be exploitable. Their impact includes things like server denial-of-service, significant leak of server memory or remote code execution.

The issue to be patched Thursday affects the 1.0.1 and 1.0.2 versions of OpenSSL. These are the library’s releases that support TLS v1.1 and TLS v1.2, the newest versions of the protocol. The patched versions will be called 1.0.1p and 1.0.2d.

OpenSSL 0.9.8 and 1.0.0, which the project will still support until the end of this year, are not affected.

Another critical vulnerability to Linux distributions dubbed “GHOST

It’s been a worrying few months for Linux Admin’s appliances with yet another critical vulnerability, dubbed “GHOST

A highly critical vulnerability has been unearthed in the GNU C Library (glibc), a widely used component of most Linux distributions, that could allow attackers to execute malicious code on servers and remotely gain control of Linux machines.

The vulnerability, dubbed “GHOST” and assigned CVE-2015-0235, was discovered and disclosed by the security researchers from Redwood Shores, California-based security firm Qualys on Tuesday.
CRITICAL AS HEARTBLEED AND SHELLSHOCK
GHOST is considered to be critical because hackers could exploit it to silently gain complete control of a targeted Linux system without having any prior knowledge of system credentials (i.e. administrative passwords).

The Microsoft Server Selector

The Microsoft Server Selector helps your customers easily find the Microsoft product that meets your needs as well as a recommendation on the Hardware specifications you may need to maximize your investments

 

Windows Server Solutions

Microsoft have many different server solutions, here you will find information the solution that is best for you


Click on the link below for more details

Make a payment on-line

Enter your name or A/C Ref: