ADHOC SAP PRODUCT SECURITY NOTIFICATION

Published on



AD-HOC SAP PRODUCT SECURITY NOTIFICATION
PLEASE DEPLOY SECURITY FIX IMMEDIATELY



Dear customer,

As an extension of our commitment to customers, we take system reliability and security as a serious matter at SAP. With respect to this topic, we have a comprehensive process in place to address security related matters quickly and effectively. Core to our process is how we inform our customers of both routine security issues as well as matters that require immediate attention.

This message is to proactively alert your business to the security patches made available on our recent SAP Security Patch Day. The August 9, 2011 SAP Security Patch Day alert includes a patch related to a J2EE Engine vulnerability. We'd like to reinforce the importance of deploying the security fixes quickly in order to reduce such risk, and in particular (without limitation) security fix # 1589525 (with update-note 1624450).

The risk this security patch addresses was prominently discussed as part of a recent presentation at the Black Hat security conference. Because of the J2EE Engine vulnerability, we ask all customers to immediately deploy the required patch.

You can find details of these issues including the provided fixes in SAP collective note 1616259 on the SAP Service Marketplace (service.sap.com/securitynotes).

For further information about SAP Security Notes see the Frequently Asked Questions.


Best Regards

Gerold Huebner
Chief Product Security Officer

Our User Group Community

1 day ago

Networking is not just for #UKISUGConnect, it's all year round! User Group members can #network with like minded… twitter.com/i/web/status/1…