SAP prepares patch to fix software security flaw

SAP prepares patch to fix software security flaw

Frankfurt: German business software maker SAP said on Friday it planned to release a programme to customers next week to fix a security flaw in its software.

A software security expert had warned flaws in the design of SAP’s business management software can allow hackers to easily break into corporate computer systems via the Internet.

Alexander Polyakov, chief technology officer of software security firm ERPScan, unveiled the vulnerabilities on Thursday at the Black Hat hacking conference in Las Vegas.

He said the flaws affect systems that corporate workers use to access their software systems over the Internet.

“SAP is aware of this vulnerability since we are working very closely with Alexander Polyakov on this issue," a company spokeswoman said.

“SAP will deliver an appropriate patch to its customers on Tuesday, August 9."

Polyakov was one of dozens of hacking experts to make presentations at the annual gathering, which is attended by security professionals.

He said in an interview that he can set up a query using Google Inc’s search engine that would identify systems vulnerable to attack.

In some cases, he said, he could set up fictional accounts to access those systems, granting those users wide access to secret corporate data, and could delete some valuable data by overwriting databases with “trash".