BankThink

RSA Breach Blamed on Older Version of Windows

Part of the reason RSA Security fell victim to a security breach this year is that it was using an older version of Microsoft Corp.'s Windows, according to a security researcher.

The researcher concluded that RSA, a unit of EMC Corp., used Windows XP because that version of Windows did not automatically switch on a security technology called data execution prevention, Computerworld reported Monday. Later versions of Windows switch on DEP by default.

It is possible that the bug could be modified for later versions of Windows, but the researcher, Rodrigo Branco of Qualys, ruled that out, the article said.

RSA disclosed in March that it had been struck by an attack that affected its security technology, which many banks use to protect internal systems and high-value accounts. RSA offered to replace its customers' security devices, which generate one-time passcodes for connecting to sensitive systems.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER