Ivanti Rolls Out Fixes for Critical Security Flaws, Commits to Major Security Overhaul

April 5, 2024
Ivanti Rolls Out Fixes for Critical Security Flaws, Commits to Major Security Overhaul
  • Ivanti has patched four new DoS vulnerabilities in Connect Secure and Policy Secure Gateways.

  • Vulnerabilities include heap overflow, null pointer dereference, and XEE, potentially allowing arbitrary code execution or information disclosure by unauthenticated attackers.

  • The company is undertaking an organizational overhaul with a 'secure-by-design' approach, embedding security in the software development lifecycle.

  • CEO Jeff Abbott has announced initiatives for stack modernization, enhanced vulnerability management, and improved support for on-prem customers.

  • Ivanti plans to introduce AI-powered solutions and a customer advisory board to improve customer experience and feedback.

  • Despite patch releases, additional vulnerabilities have been identified, but Ivanti is investing in a comprehensive security strategy with board and employee support.

  • Customers are urged to apply the patches and use the Integrity Checker Tool to ensure the security of their appliances.

Summary based on 6 sources


Get a daily email with more Tech stories

Related Stories