Cisco Systems has upgraded its Internetwork Operating Software (IOS) to fix a security hole malicious people could use to unleash denial-of-service attacks.
According to the San Jose, Calif.-based networking giant,
Cisco has made free software upgrades available "to address this vulnerability for all affected customers."
Dan Jackson, president and COO of Dallas-based security firm DeepNines Technologies, warned in a statement that this flaw could signal a greater threat to routers going forward. "From a security standpoint, 2005 is the year that the router becomes the Achilles heel of the network," he said. "Where there's smoke, there's fire -- meaning these won't be the last router vulnerabilities we hear about this year."
He added: "Cisco's greatest asset, its large market share, could become one of its most glaring weaknesses. Just as Microsoft's market share makes it a target for attackers, so, too, Cisco could begin to suffer attacks more regularly. The real problem is that there has been virtually no protection for routers…"
That assessment is in contrast to that of Danish security firm Secunia, which labels the IOS problem "less critical" in its advisory.