What is this issue and why is it a concern?
Some services may be running software where certain versions are known to have security vulnerabilities. In these cases, it hasn't been possible to confirm the exact version in use. Software with known vulnerabilities can increase the risk of cyber-attacks or service disruptions. These issues are often exploited shortly after they are publicly disclosed.
How do I resolve this?
Start by checking which version of the affected software is currently running. If the version is outdated or no longer supported, update to the latest available release. The software provider's website usually provides the most accurate guidance and patch details. It's also a good practice to implement a regular review process. This could include:
- Keeping a record of software in use - Identifying where each service is deployed
- Assigning responsibility for updates and maintenance Staying up to date with vendor patches is one of the most effective ways to reduce exposure to known threats.