You are here

Security bug SAP patched draws US govt alert

Vulnerability can still give attackers remote control over older systems if security updates are not applied

BT_20160513_KVSAP13AAC8_2277624.jpg
Customers rely on a chain of consultants, external audit firms and specialised internal SAP security teams to decide when to install patches without risking destabilising their systems.

Frankfurt

EUROPE'S biggest software company, SAP, is the subject of a US security alert over a vulnerability the firm disabled six years ago that can still give outside attackers remote control over older SAP systems if the software is not properly patched.

SAP fixed the issue, but