IBM Issues Patch For DB2 'Viper' Security Flaw

The flaw in one of the latest releases could allow local users to write to, or alter, any file on a company's system.

Paul McDougall, Editor At Large, InformationWeek

February 23, 2007

1 Min Read
InformationWeek logo in a gray background | InformationWeek

IBM has released a patch to fix a security vulnerability affecting the Unix, Windows and Linux versions of its DB2 9.1 database software -- previously, code-named Viper.

IBM says there is no workaround for the flaw and that if users don't apply the patch their system "is susceptible to a security vulnerability," according to a statement currently posted on IBM's Web site.

IBM says the flaw could allow local users to write to, or alter, any file on a company's system.

The same vulnerability exists in DB2 version 8, IBM cautions. However, a fix for that version won't be available until April, IBM says.

Released back in June 2006, DB2 9 is touted as an improvement over previous versions as it was designed as more of a self-governing, self-fixing database system that can self-tune the amount of memory assigned to a database.

About the Author

Paul McDougall

Editor At Large, InformationWeek

Paul McDougall is a former editor for InformationWeek.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights