
Best practice
Doug reviews some notes about the vulnerability, and discovers that if exploited, it can potentially result in a malicious cyber actor gaining unauthorised access to information.
A security patch (code-fix) has been released, but Doug is unsure what impact it could have on his service if implemented.
There are a couple of other mitigating controls that he can introduce to help protect the information in his service until the patch has been deployed.