IT security software specialist Tier-3 says that a report on Slashdot regarding Flash vulnerabilities indicates that null pointer security flaws could be here to stay and quickly evolve into the next big thing in hacking exploits.
Tier-3's, CTO, Geoff Sweeney agrees, We have been monitoring this for some time and confirm that null pointer security flaws are exploitable and could quickly replace buffer overflows as the next big threat. Buffer overflows are of course still an issue, but they are a problem that has been tackled by the industry for many years. Null pointer de-referencing has not received anywhere near the same level of attention, which means that users need to be more vigilant than ever."
Sweeney went on to say that the problem facing computer users is that, if a reliable exploit approach for null pointer de-referencing can be harnessed, then organisations and home users will need to be on alert as their infrastructure is already constantly being threatened, particularly when the affected software is as pervasive as Adobes Flash.
"The solution is to patch and update your applications and operating system wherever and whenever possible, as well as ensuring that your IT security arsenal is capable of defending against the latest IT security threats," he said.
Tier-3, with headquarters in Sydney, is the inventor of Behavioural Anomaly Detection (BAD) technology which is the cornerstone of the HUNTSMAN Threat Management System. HUNTSMAN enables enterprises to scale security management while, at the same time, improving its effectiveness by offering for the first time, insight into enterprise ICT infrastructure and real-time risk-based threat management. Tier-3s significant customer base includes government, financial institutions, major corporations, and organisations in the critical infrastructure and intelligence areas around the world.