RCS removes Selector Java vulnerability
RCS has taken steps to remove the last few remaining pieces of Java from its music scheduler, Selector 15, citing recently stated “zero-day vulnerability” security concerns.
Recent publicity suggests that attackers may be able to use the zero-day vulnerability to execute arbitrary code on a machine. As a result, the attacker could not only compromise the machine, but also steal any data on the device, and turn it into a “node” or “zombie PC”.
Although the amount of Java code is only a very small portion of Selector 15, RCS will replace it immediately with a more secure technology. No other RCS products use this technology.
Philippe Generali, RCS President/CEO stated: “Java on client desktops has been problematic for some time. When it came time to design our next generation products like Zetta, GSelector, Aquira and RCSnews, we deployed more reliable technologies, which adhere to the security standards that our clients deserve. This move mops up a very small corner of our legacy scheduler immediately, rather than waiting for a Java fix that, according to some experts, might take two-years.”
Generali added: “As the world leader in broadcast software, we feel compelled to alert our clients to any vulnerability that could lead to a nefarious party taking control of a radio station.”