“When you’re a Fortune 500 company that’s a favorite target of sophisticated hackers, it often makes sense to install security appliances at the outer edges of your network to stop attacks before they get far,” Dan Goodin reports for Ars Technica. “Now, researchers say they have uncovered a vulnerability in such a product from security firm FireEye that can give attackers full network access.”
“The vulnerability, which is on by default in the NX, EX, AX, FX series of FireEye products, was FireEye last week, after researchers from Google’s Project Zero privately reported it,” Goodin reports. “It made it possible for attackers to penetrate a network by sending one of its members a single malicious e-mail, even if it’s never opened. It’s not uncommon for outsiders to find such critical flaws in a security product. Still, the proof-of-concept exploit underscores that such game-over threats often extend to some of a network’s most critical equipment.”
Read more in the full article here.
MacDailyNews Note: FireEye released an automated remediation to customers 6 hours after notification, mitigating any customer exposure by Saturday morning, December 5th and released a full, automated fix on Monday, December 7th. FireEye users should make sure their device is running security content release 427.334 or higher.
Fun times. I bet Apple could do a great job designing security hardware, maybe partnering with IBM, and get the seal of approval from both, IBM rep and Apple ease of use and configuration?
Yeah, I was reading about this earlier. FireEye has made some good security catches this year. But this little blunder gave them a BlackEye.
When you have Windows machines active on your network you have far bigger things to worry about than this. Botnets, worms and rampant spyware are just the start of it
Does anyone know of a Fortune 500 company who actually uses Fireeye products instead of Cisco ASA or Juniper SRX security appliances?
From an email that you don’t even open?
I fear that since such things exist for “FireEye” why not something else? What are the potential vulnerability risks for the rest of us? How do we find and mitigate these things, in general?
Either FireEye was stupid in it’s implantation, or they provided a common feature to other security products, that is inherently risk prone.
I am coming from the stand point that nothing is perfect.
Didn’t they say all our problems would be solved with education’??
Well here we are.