Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.
The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils versions 5.6.0 (released February 24) and 5.6.1 (released March 9).
"Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code," the IBM subsidiary said in an advisory.
Read more on thehackernews.com
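To check hosts against the two affected versions named above, here is an added example; it is not code from Red Hat or from the article. The function names, the package-name patterns, the handling of distro version strings (epoch, revision, Debian-style "+really" reverts) and the sample inventory are assumptions made for illustration.

```shell
# Added example (not from the article): flag the XZ Utils versions it names.
AFFECTED="5.6.0 5.6.1"   # affected upstream versions, as stated in the article

# Reduce a distro package version string to its upstream part.
# Assumption: "N:" epoch prefix, "-revision" suffix, Debian-style "+really" revert.
upstream_version() {
    v=${1#*:}                 # drop epoch, if any
    v=${v%%-*}                # drop packaging revision / release
    case $v in *+really*) v=${v##*+really} ;; esac   # version actually shipped
    printf '%s\n' "$v"
}

classify_version() {
    up=$(upstream_version "$1")
    for bad in $AFFECTED; do
        if [ "$up" = "$bad" ]; then echo affected; return 0; fi
    done
    echo not-listed
}

# Classify the liblzma line of `xz --version` output read from stdin; the
# advisory quoted above places the modified functions in liblzma.
check_xz_output() {
    lib=$(awk '$1 == "liblzma" { print $2; exit }')
    if [ -z "$lib" ]; then echo unknown; return 0; fi
    classify_version "$lib"
}

# Print affected rows from "host package version" lines on stdin.
# Package-name patterns are an assumption covering common distro names.
scan_inventory() {
    while read -r host pkg ver; do
        case $pkg in xz|xz-*|liblzma*) ;; *) continue ;; esac
        if [ "$(classify_version "$ver")" = affected ]; then
            printf '%s %s %s\n' "$host" "$pkg" "$ver"
        fi
    done
}

# Constructed sample inventory (hypothetical hosts and package revisions).
scan_inventory <<'EOF'
web01 liblzma5 5.6.1-1
web02 liblzma5 5.6.1+really5.4.5-1
db01 xz-libs 5.6.0-1.example
db02 xz-libs 5.4.6-3.example
ci01 openssl 3.0.13-1
EOF
```

On a live host, `xz --version | check_xz_output` classifies the locally installed liblzma; a "not-listed" result only means the version is not one of the two named in the article.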