7 Elements praised for flagging IT security risk

Edinburgh-based IT security testing firm 7 Elements has been praised by US software group VMware after identifying a vulnerability within its technology that could lead to unauthorised remote access to company servers.
By GARETH MACKIE
Published 9th Oct 2015, 16:00 BST
7 Elements chief executive David Stubley7 Elements chief executive David Stubley
7 Elements chief executive David Stubley

The flaw in VMware’s vCenter software, which was discovered while carrying out a test during a security engagement with a client, meant anyone could access the server to the highest level, a privilege normally reserved for authorised personnel.

7 Elements said the discovery highlighted the importance of security testing within companies to make sure they are protected against malicious users.

Hide Ad
Hide Ad

Chief executive David Stubley said: “We take responsible disclosure of new vulnerabilities seriously and have worked with VMware since February this year to ensure that fixes are available before public release of this issue.”

Doug McLeod, senior security consultant, added: “This could affect a large number of organisations and we strongly recommend anyone running vCenter to ensure that they have either the latest version from VMware running or apply the relevant security patch.”

In response to the discovery of VMware’s security risk, the California-based company said: “VMware would like to thank Doug McLeod of 7 Elements Ltd and an anonymous researcher working through HP’s Zero Day Initiative for highlighting the vulnerability.”

Related topics:EdinburghCalifornia