|
Autonomy release the legal attack dogs against Secunia |
|
|
|
|
Written by Editor
|
|
Thursday, 06 December 2007 |
|
It seems that in these days where disclosure of Security vulnerabilities is the norm, and most vendors actually have embraced the concept that keeping these quiet actually will harm their business more, the people at Autonomy have been living under a rock and don’t want anyone to know their products contain security problems.
It seems Secunia where about to release an advisory about a security problem in Autonomy’s KeyView software, so they contacted Autonomy to get some more information about what versions of the KeyView software where vulnerable and which where not. The KeyView software is used in Symantec and IBM products, and the vulnerabilities in question are publicly known.
After contacting Autonomy it seems they did not want Secunia to actually publish and details of the problem and sent them a series of letters from their legal team to threaten them with legal action. Basically Autonomy wanted Secunia to not publish information about the fact that vulnerability Secunia advisory SA27835 in that details a problem within the Lotus 1-2-3 File Viewer, an issue that has been fixed by IBM, obviously also affects Autonomy's own versions 9.2 and 10.3 of KeyView.
Alas however the action by Autonomy has probably caused more negative publicity than if they had let Secunia publish the information in the first place. As it would have probably just been missed as many pay little attention to Application problems than they would do to say an OS vulnerability.
For more information you can see more in the blog post by Secunia here. |
Welcome to Virus.Org ! 
