CA updates ARCserve Backup
Computer Associates have fixed multiple flaws in their ARCserve Backup software. The reason for the update was the Java runtime environment (JRE) in versions r12.5, r12.0 and r11.5 for Windows. CA say that not only is the JRE subject to multiple vulnerabilities, but it has also reached its end-of-life and rate the related security risk as high.
Those who already use ARCserve Backup r12.5 SP1 are off the hook. The vendor has also provided links to separate patches for the three versions in the relevant advisory.
See also:
- Security Notice for CA ARCserve Backup, security advisory from CA.
(crve)