Dell EMC releases patches for data protection products


Recent vulnerabilities that affect certain Dell EMC data protection products have been identified and patches are now available for download.

A set of three vulnerabilities discovered earlier by the Digital Defense Inc. security company, that were identified on Dell EMC’s Data Protection Suite Family products have been now officially patched. Dell EMC has already made these patches available for download and is instructing their users to apply them.

Dubbed as the Avamar Zero-Day vulnerabilities, the three are user authentication vulnerabilities which could allow attackers to obtained stored information. The affected products include the Dell EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4. x, 7.5.0, the NetWorker Virtual Edition 0.x, 9.1.x, 9.2.x and the Integrated Data Protection Appliance 2.0.

These issues are unrelated to the recently discovered Meltdown and Spectre issues that affect CPUs but present a big issue considering that they target the Avamar Installation Manager (AVI).

As noted, Digital Defense and Dell EMC have already fixed the issue but those running these Dell EMC products should patch them immediately. Digital Defense has also uncovered a related issue with VMware’s vSphere Data Protection which has been already been patched as well.


Previous articleCisco Encrypted Traffic Analytics (ETA) now generally available
Next articleIntel and AMD fixing Meltdown and Spectre CPU bugs
Slobodan Simic is foremost an IT enthusiast who discovered his knack for writing, which lead to becoming both an IT journalist and later an Editor for a number of publications. He has been covering anything from the consumer- and professional-oriented hardware to software markets and networks. With a focus on chasing down leads, making sure that fresh content is ready for publishing, as well as keeping up with the evergrowing and evolving IT world, writing has become more of his passion rather than just a job.