The most serious flaw in the security of Olympic Games 2024 security equipment is that it can be exploited by attackers who can use it to remotely control machines that aren’t fully secured.
The flaw is the latest security hole to be found in Olympic security hardware that was designed to protect the Games from cyberattacks.
This is the first time a major security hole in the IOC’s security systems has been discovered.
In fact, the IOC has yet to release a fix for the vulnerability that allows an attacker to remotely execute code in a process that isn’t secure.
The IOC security team, including representatives from Microsoft, the Federal Bureau of Investigation and other security firms, released a patch to address the issue Monday.
The IOC has also said that the issue is likely not being exploited because it’s designed to be a pre-pandemic software upgrade for IOC-certified machines.
However, the vulnerability is likely still exploitable, according to two experts who spoke with Recode.
They said that this could be because attackers still have the ability to remotely commandeer machines that are not fully secured and that they still have access to IOC-issued hardware that doesn’t require security patches.
The security experts also said the IOC should make an effort to fix the issue as soon as possible and deploy the fix within three months of the IOCs announcement.
“The IOC needs to make a concerted effort to make sure that their infrastructure is secure,” said Daniel B. Smith, a former senior researcher at the Center for Democracy and Technology.
“This is something that needs to be fixed immediately.”
Microsoft said in a statement that it is “committed to the security and privacy of our customers and partners,” but added that it “remains committed to ensuring that the IOC makes the most of the latest updates as quickly as possible.”
“Microsoft has worked with the IOC to provide the best security possible and continue to provide support for IOC members,” the statement said.
“We also work closely with the U.S. Olympic Committee to ensure the IOC continues to provide safe, secure infrastructure.”
In addition to the vulnerability, the flaw in IOC software could be exploited to remotely run arbitrary code on machines that don’t require a patch, according a blog post by Microsoft’s Security Response Center.
It’s unclear how widespread the problem is.
Microsoft told Recode that it hasn’t detected any evidence that a vulnerability in the software is being exploited.
However, it said that it was investigating whether the IOC could have been compromised because of its use of IOC-purchased hardware.
The software has a security rating of “provisional,” meaning it’s not widely available and could be easily broken, the company said.
In a statement to Recode, IOC said that Microsoft has provided a “complete list of technical and regulatory guidance that is consistent with the recommendations made by the IOC in its recommendations to address IOC-issue issues.”
While the IOC hasn’t released a fix yet, it says it’s working on it.
This article was updated at 12:10 p.m.
ET to include Microsoft’s response to the IOC.