IBM Retired Db2 Web Query; It’s Time You Did, Too

February 5, 2024 Bill Langston

Just as you were returning to work to begin the new year, IBM published a security bulletin alerting Db2 Web Query customers that the software is “vulnerable to a remote attacker bypassing security restrictions or executing arbitrary code, to a local authenticated attacker obtaining sensitive information, or to denial of service.” The Four Hundred reported on the vulnerability in detail here.

The security bulletin only references release 2.4.0 of the now withdrawn Db2 Web Query software, but we suspect that is only because IBM doesn’t test unsupported releases. We believe the security vulnerabilities listed in the bulletin also exist in Db2 Web Query release 2.3.0 and prior releases.

This news puts Db2 Web Query customers in an uncomfortable position. Since the software is no longer marketed by IBM, IBM will not let you extend your software maintenance beyond the current term; they have recommended customers look for an alternative solution.

If you are running Db2 Web Query release 2.4.0 and can’t stop using the software immediately, you should heed IBM’s warnings and apply the Program Temporary Fixes (PTFs) as soon as possible. If you are like many Db2 Web Query customers who are running an earlier release, you have a couple options:

• Ignore the warning and cross your fingers.
• Spend the time upgrading to release 2.4.0, applying the PTF’s, and assigning someone to test your production queries at the new level. Of course, all this work means investing further in software that IBM will support only through the remaining months of your current software maintenance term.

We think you should treat this security bulletin as justification for your company to prioritize replacing Db2 Web Query as soon as possible.

NGS specializes in IBM i business intelligence and reporting. Unlike IBM and many of our competitors, our development and technical support resources aren’t divided across product lines and platforms. Our livelihood depends on our ability to help you use our software successfully over the long term.

We welcome you to begin your search for an IBM Db2 Web Query alternative by watching the on demand video, Planning Your Exit from IBM Db2 Web Query, scheduling a conference call with our team, and requesting a private web demo of NGS-IQ.

Bill Langston is director of marketing at New Generation Software, Inc.

This content was sponsored by New Generation Software.

RELATED STORIES

IBM Patches a Slew of Security Vulns in Db2 Web Query

IBM Suddenly Pulls The Plug On Db2 Web Query for i

Db2 Web Query Customers Left In The Lurch

IBM, TIBCO Remain Mum on Db2 Web Query Future

IBM Finally Comments On Db2 Web Query For i Withdrawal

IBM i Shops Have Alternatives to Db2 Web Query

The IT Balancing Act