Computer Associates (CA) has released a patch to a remote exploit vulnerability in its BrightStor ARCserve Backup system.
On Tuesday, security firm iDefense released a warning about the vulnerability, noting that it affected the Microsoft SQL Server backup agent component of the product.
According to iDefense, the vulnerability could allow a remote user to exploit a buffer overflow to run arbitrary code on the targeted system. CA rated the overall risk of the vulnerability "high," and its impact "critical."
CA's advisory on the matter includes patches for a number of versions of BrightStor ARCserve Backup, including r11.1, r11.0, v9.01, v10.5, and v10.0; all of them for Windows.