IBM Issues Patch For DB2 'Viper' Security Flaw
The flaw in one of the latest releases could allow local users to write to, or alter, any file on a company's system.
![](https://eu-images.contentstack.com/v3/assets/blt69509c9116440be8/bltc0182b2356ae8eed/64b83949410a1b4c0bd7459b/IW_generic_image.png?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
IBM has released a patch to fix a security vulnerability affecting the Unix, Windows and Linux versions of its DB2 9.1 database software -- previously, code-named Viper.
IBM says there is no workaround for the flaw and that if users don't apply the patch their system "is susceptible to a security vulnerability," according to a statement currently posted on IBM's Web site.
IBM says the flaw could allow local users to write to, or alter, any file on a company's system.
The same vulnerability exists in DB2 version 8, IBM cautions. However, a fix for that version won't be available until April, IBM says.
Released back in June 2006, DB2 9 is touted as an improvement over previous versions as it was designed as more of a self-governing, self-fixing database system that can self-tune the amount of memory assigned to a database.
About the Author(s)
You May Also Like