CA protects users from Netscape's flaw

CA protects users from Brown Orifice, a malicious application able to penetrate remote systems via netscape's flaw. Find out if you may be affected...
Written by ZDNet Staff, Contributor

HONG KONG - Computer Associates International, Inc. (CA) is advising computer users of a severe security vulnerability in the Netscape Internet browser which is already being exploited by a malicious application known as "Brown Orifice".

This vulnerability, as demonstrated by "Brown Orifice" enables hackers to penetrate remote systems, providing remote access to the files and services of those machines and by extension, access to critical system files, and confidential business information. All versions of Netscape Navigator and Netscape Communicator versions 4.74 and earlier are vulnerable when Java is enabled.

"We consider this to be a significant and serious exposure that represents a real threat to many corporate environments," said Simon Perry, vice president of security solutions, CA. "This is not a virus, but rather a vulnerability inherent to Netscape Web Browsers and Java. It is very similar to the Outlook exposure which caused great concern a few weeks ago."

For several years, content inspection based security technologies have been developed, and many in the industry considered them an elegant solution in search of a problem. This latest threat, and the recent outlook exposures of a few weeks ago should remove any doubt as to the need for content inspection based security systems.

"This latest threat demonstrates how sophisticated the problem of securing systems has become, and provides a clear example of why it is that traditional countermeasures such as firewalls and anti-virus solutions, while essential, are no longer sufficient," said John Kane, senior vice president, research and development, CA. "To put it another way, while others in the industry are scrambling to come up with a solution for this problem, our clients that are running eTrust Content Inspection - are already protected."

eTrust Content Inspection is part of CA's eTrust security solutions, which is built on CA's Unicenter TNG Framework, providing a powerful, comprehensive and integrated solution for building, deploying and securing eBusiness. eTrust enables eBusiness by safeguarding all mission-critical resources, from the browser to the mainframe.

About Computer Associates International, Inc.
Computer Associates International, Inc. (NYSE: CA), a business software company, delivers the end-to-end infrastructure to enable eBusiness through innovative technology, services and education. CA has 20,000 employees worldwide and had revenue in excess of $6 billion for the fiscal year ended March 31, 2000.

Editorial standards