Cisco patches DoS vuln pair in IOS Cisco has issued a pair of updates today patching two remote denial of service vulnerabilities affecting certain devices running its Internetwork Operating System (IOS). The vulnerabilities are limited to kit running Cisco IOS software with support for four-octet Autonomous Systems number space (AKA: 4-byte AS number) and …
It's pretty easy to say one should upgrade to the non-flawed IOS, but it's much tougher to actually do it...especially in a large enterprise. IOS roll-out to a network of a few thousand, or even a few hundred, devices might take months to complete. And the roll-out wouldn't start until after the QA team shook it out for a while in the lab. Let's face it, IOS upgrades to plug a relatively esoteric security exposure fall way down the priority list of most companies. They've got far too many Microsoft patches to apply to the desktops and servers without regularly disrupting the networks in between. Live with the IOS bugs and holes until there's a compelling (feature) reason to upgrade.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
