IBM i customers should be aware of a new security issue with IBM i Access for Windows version 7.1. This issue will affect a large number of IBM i users as Access for Windows is very commonly used by IBM i customers. US-CERT/NIST in the NVD database indicates this issue has a base score of 7.2 and an impact score of 10. This means that IBM i customers should give this issue attention as soon as possible.
- The vulnerability ID is CVE-2015-2023 and you can find the details here
- IBM provides a description of this issue on their website here
- A fix from IBM is available with Service Pack SI57907 and can be found here
If you are an IBM security administrator I recommend that you sign up for notifications on the NVD website. While the volume of IBM i issues is relatively small, they do occur from time to time and some of them are severe enough to warrant quick action. You can also review IBM i security notifications on the IBM i website here (but be sure to monitor the NVD site too).