Enterprise IT software vendor Ivanti is calling urgent attention to two new high-severity vulnerabilities in its Connect Secure and Policy Secure VPN products, warning that one of the bugs was discovered during investigation of ongoing zero-day attacks.
The new alert comes on the same day Ivanti belatedly shipped patches for critical bugs being exploited by multiple hacking gangs and adds to the urgency for Ivanti customers to test and deploy available fixes.
After struggling to meet its own patch delivery timeline, Ivanti on Wednesday started rolling out fixes on a staggered schedule and added documentation for two new security defects.
[...]
After Delays, Ivanti Patches Zero-Days ... ew Exploit
After Delays, Ivanti Patches Zero-Days and Confirms New Exploit
-
rbc
- President
- Posts: 295
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
After Delays, Ivanti Patches Zero-Days and Confirms New Exploit
Robert B. Carleton + ISC2 Central Mississippi President