Security leak on servers of authorities and companies

The issue is a vulnerability in software from network service provider Citrix that has been known since mid-December. One problem: Citrix will not release the first updates that completely close the hole for another week. Meanwhile, code for malware that can exploit the vulnerability has been circulating since the weekend.

The security hole can allow attackers to run their own code on the affected servers. SWR data journalists found the leak on more than 2,000 servers, including those of hospitals, federal and state authorities, power plant operators and banks, according to information released on Monday.

Experts feared that criminal hackers would exploit the vulnerability to plant malware at government agencies and companies, which they might activate months later. "The companies compromised by this will have to deal with the effects of this vulnerability for months to come," Hans-Martin Munch of IT security company Mogwai Labs told SWR radio.

The affected Citrix programs are used to optimize server performance and for external dial-in to the IT infrastructure. After the security hole was announced, the company initially published recommendations on measures that could at least be taken to contain the danger.

