Technological News Portal

Cisco Patches Critical Vulnerability That Could Compromise Windows Systems

Cisco, being one of the major players in the networking hardware arena, has to be very focused on the security of its devices. The company has recently patched a critical vulnerability which, if left unattended, allowed a hacker to gain control of a machine running Windows.


Cisco

The vulnerability apparently affected Cisco Secure Access Control Server for Windows. The compromised versions of the software include Cisco Secure ACS 4.0 to 4.2.1.15.

The exploit essentially allowed a remote hacker to gain control of a Windows machine and then execute commands of his own on that machine. In other words, he could gain near-complete control of the operating system running atop the machine.

According to a statement issued by Cisco, “The vulnerability is due to the improper parsing of user identities used for EAP-FAST authentication. An attacker could exploit this vulnerability by sending crafted EAP-FAST packets to an affected device. An exploit could allow the attacker to execute arbitrary commands on the Cisco Secure ACS server and take full control of the affected server.”

Thankfully, Cisco has been able to take note of this vulnerability in time. Together with the advisory notes quoted above, the company has dished out a patch which effectively removes the vulnerability from Secure ACS. The patch arrives as part of Cisco Secure ACS for Windows 4.2.1.15.11. So if you’re running the software in question on any of your machines, you are advised to update it as soon as possible.

Source: Cisco

[ttjad keyword=”wireless-router”]

You might also like
Why Not Join 250,000+ Readers, Like You!
AND GET OUR LATEST CONTENT IN YOUR INBOX

SUBSCRIBE 
Your information will never be shared
close-link