Splunk tells users to patch ‘Y2K-style’ flaw

The issue, which affects all iterations of the Splunk platform, would keep users from getting accurate results when they query threat data.
Splunk, RSA 2019
(Scoop News Group photo)

Data analytics platform Splunk has told users to patch a flaw in the company’s platform that, starting next year, would cause all sorts of problems for people trying to read and search data.

The problem lies in how the data is timestamped on Splunk, which ingests information from a variety of sources. Starting Jan. 1, unpatched “instances” of the Spunk platform won’t recognize data that is stamped with a two-digit year.

The issue, which affects all iterations of the Splunk platform on any operating system, would keep users from getting accurate results when they query threat data for key information.

“As this is a critical update, there is no option to defer it,” the San Francisco-based company said in an advisory released this week.


To prevent those data problems, users can download an updated version of the file that helps the platform process timestamps, tweak the file itself, or upgrade their platform altogether.

“Left unpatched, the effect on customers could be far-reaching,” antivirus company Sophos said in a blog, comparing the Splunk flaw to computer glitches associated with the turn of the millennium.

Splunk, which has been valued at over $2 billion, went on a spree of acquisitions last year, buying analytics provider KryptonCloud, incident management service VictorOps, and the automation tool Phantom.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts