CA addresses backup software flaws

CA, formerly known as Computer Associates International, on Thursday issued updates for its BrightStor ARCserve Backup software to address several security vulnerabilities. The most serious of the flaws could be exploited to compromise a vulnerable system.

"CA BrightStor ARCserve Backup contains multiple overflow conditions that can allow a remote attacker to execute arbitrary code," CA said in an alert. The problems affect only Windows systems, the company said. The BrightStor ARCserve Backup Tape Engine service, Mediasvr service, and ASCORE.dll file are affected, it said. CA gives these vulnerability issues a "high risk" rating.