09:34 AM

Cisco Fixes Critical Router Security Hole

The problem became known at the Black Hat conference in July, when security expert Michael Lynn showed how to take control of Cisco routers using the security flaw.

Cisco has fixed a critical security hole in its Internetwork Operating System (IOS) that could have allowed hackers to crash or take control of the routers and switches that form the backbone of the Internet and enterprise networks.

The networking giant only yesterday disclosed the flaw, even though it has know about it since July. The security hole first became known at the Black Hat security conference in July, when security expert Michael Lynn showed how to take control of Cisco routers using the security flaw. Cisco then squashed making the flaw public by going to court and getting a restraining order against publicly disclosing the security hole.

Cisco waited to publicly disclose the flaw until it was able to issue a patch that would fix it.

Cisco has issued an advisory and patch detailing the flaw and how to fix the hole. As with many other security holes, it exploits a heap-based buffer overflow vulnerability that allows hackers to take control of a router or switch.

The security hole affects all Cisco products that run IOS.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2014 Next-Gen WAN Survey
2014 Next-Gen WAN Survey
While 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.