Security News

Cybersecurity firm Trustwave on Wednesday disclosed the details of several vulnerabilities found by its researchers in SAP Adaptive Server Enterprise. SAP ASE is a relational database management system that is used by many major organizations, particularly in the financial sector.

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. A second vulnerability concerns ASE Cockpit, a web-based administrative console that's used for monitoring the status and availability of ASE servers.

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. A second vulnerability concerns ASE Cockpit, a web-based administrative console that's used for monitoring the status and availability of ASE servers.

Gurobi Optimization announced that it has been selected by SAP SE as the premier, enterprise-wide supplier for mathematical optimization technology, and has entered into a long-term strategic partnership with SAP to enhance and expand the use of mathematical optimization across SAP's enterprise application software suite. As a result of the partnership, SAP and Gurobi will be able to more effectively collaborate on innovations that will improve the utilization of mathematical optimization within SAP's software.

SAP's May 2020 Security Patch Day updates, which the company released on Tuesday, include a total of 18 Security Notes and 4 updates to previous Notes, with six of them rated Hot News. This month, SAP released another update to a Hot News Security Note released in April 2018, which includes security patches for Chromium browser controls in Business Client.

SAP this week revealed that it is notifying customers of a series of security issues that it has identified in its cloud products. The Germany-based enterprise software maker said it discovered that some of its cloud products "Do not meet one or several contractually agreed or statutory IT security standards at present."

Virtustream, an enterprise-class cloud company and Dell Technologies business, announced new Managed Availability Services designed to deliver 99.95% availability for mission-critical SAP applications, giving peace of mind to enterprise customers who require the highest level of up-time for their applications. The new Managed Availability Services complement Virtustream's extensive xStreamCare services portfolio, extending its end-to-end support - from migration to management - for customers' SAP applications on the Virtustream cloud.

SAP this week released its latest set of security patches, which brings a total of 23 Security Notes, including five that address Hot News vulnerabilities. Another Hot News Security Note released as part of the April 2020 SAP Security Patch Day addresses a directory traversal vulnerability in SAP NetWeaver.

More than two thirds of SAP users believe their organizations put insufficient focus on IT security during previous SAP implementations, while 53.4% indicated that it is 'very common' for SAP security flaws to be uncovered during the audit process. 74.0% expect IT security to take greater priority in future SAP deployments, with 89.6% agreeing that security specialists should be brought on board to support their SAP S/4 HANA transformation programs.

SAP on Tuesday released 16 security notes and two updates to previously released patches as part of its March 2020 Security Patch Day, with three of the new notes rated hot news. The most important of the notes address critical missing authorization checks in Solution Manager.