informa
/
Government
News

IBM Issues Patch For DB2 'Viper' Security Flaw

The flaw in one of the latest releases could allow local users to write to, or alter, any file on a company's system.
IBM has released a patch to fix a security vulnerability affecting the Unix, Windows and Linux versions of its DB2 9.1 database software -- previously, code-named Viper.

IBM says there is no workaround for the flaw and that if users don't apply the patch their system "is susceptible to a security vulnerability," according to a statement currently posted on IBM's Web site.

IBM says the flaw could allow local users to write to, or alter, any file on a company's system.

The same vulnerability exists in DB2 version 8, IBM cautions. However, a fix for that version won't be available until April, IBM says.

Released back in June 2006, DB2 9 is touted as an improvement over previous versions as it was designed as more of a self-governing, self-fixing database system that can self-tune the amount of memory assigned to a database.