CA products suffer inherent code problems

by Paul Mah in Project Management

on January 16, 2008, 3:59 PM PST

CA products suffer inherent code problems

Vulnerability-testing company Secunia has published its annual report on security vulnerabilities. Secunia noted that some CA products containing anti-virus components suffer from "inherent code problems."

Vulnerability-testing company Secunia has published its annual report (pdf) on security vulnerabilities earlier this week. In the report, Secunia noted that some CA products containing anti-virus components suffer from “inherent code problems.” One CA product singled out for criticism was ARCserve Backup, which the security company says is poorly coded.

In an interview with sister site ZDNet UK, Thomas Kristensen, Secunia’s chief technology office noted, “ARCserve is inherently insecure. It’s poor code, with a poor design. An internal code review should have revealed problems in the code that needed to be fixed before the product was launched.”

The surprise stems from the fact that many of the same vulnerabilities reported in June 2007 continue to plague the software, despite patches being released to fix them.

According to Thomas Kristensen, “It’s bizarre to see a patched product with vulnerabilities coming from a security vendor. It’s not very smart to have vulnerabilities in a backup solution, as it’s deployed on every workstation on a system, making the system more vulnerable.”

CA declined to comment on the effectiveness of its ARCserve patch.

Do you use CA’s ARCserve in your organization?

By Paul Mah

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Account Information

Contact Paul Mah

Your message has been sent
|
See all of Paul's content

Editor's Picks

Image: Rawpixel/Adobe Stock

TechRepublic Premium
TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

TechRepublic Staff
Published: March 14, 2023, 9:10 AM EDT Modified: March 15, 2023, 9:16 AM EDT Read More See more TechRepublic Premium
Image: Blue Planet Studio/Adobe Stock

Payroll
The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

Ali Azhar
Published: February 28, 2023, 11:11 AM EST Modified: March 20, 2023, 4:45 PM EDT Read More See more Payroll
Image: Microsoft.

Software
Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

Mary Branscombe
Published: February 28, 2023, 2:59 PM EST Modified: February 28, 2023, 2:59 PM EST Read More See more Software
Image: tanatat/Adobe Stock

CXO
Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Owen Hughes
Published: March 3, 2023, 3:12 PM EST Modified: March 16, 2023, 12:56 PM EDT Read More See more CXO
Image: Nuthawut/Adobe Stock

Software
The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

Brenna Miles
Published: December 27, 2022, 11:45 AM EST Modified: March 16, 2023, 2:25 PM EDT Read More See more Software
Image: Song_about_summer/Adobe Stock

Security
1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

Karl Greenberg
Published: March 2, 2023, 3:44 PM EST Modified: March 7, 2023, 4:10 PM EST Read More See more Security

PURPOSE A large segment of internal and external modern business now takes place on computers, tablets and other mobile devices. The information technology infrastructure that has sprung up around that business can be daunting in its scope. This Hiring Kit from TechRepublic Premium provides an adjustable framework your business can use to find, recruit and ...

PURPOSE This grant writing guide from TechRepublic Premium will help you identify a grant that fits your idea, build a team to help you compile a proposal, and set a timeline to meet the application deadline. From the guide: BEFORE YOU START This list of steps will help the grant writing process go more smoothly. ...

PURPOSE These guidelines from TechRepublic Premium will help you define the necessary ingredients of a security policy and assist in its proper construction. They’re designed to work hand in hand with the subjective knowledge you have of your company, environment and employees. Using this information, your business can establish new policies or elaborate on those ...

CA products suffer inherent code problems

CA products suffer inherent code problems

Editor's Picks

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

The Best Human Resources Payroll Software of 2023

Windows 11 update brings Bing Chat into the taskbar

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

The 10 best agile project management software for 2023

1Password is looking to a password-free future. Here’s why

Hiring kit: Business information analyst

Grant writing guide

Guidelines for building security policies

Hiring kit: Artificial intelligence architect

Account Information

CA products suffer inherent code problems

Project Management Insider Newsletter

Account Information

Share with Your Friends

Account Information

Contact Paul Mah

Editor's Picks

Project Management Insider Newsletter