Linux Lite Forums

General => Security & Bug Fixes => Topic started by: Mart on May 16, 2018, 08:15:22 AM

Title: Windows, Apple macOS, Linux, BSD: All hit by same 'serious' security flaw
Post by: Mart on May 16, 2018, 08:15:22 AM
Just thought I'd share this zdnet.com article with the community.

Not fully understanding the security implications of this for the average linux user like myself, but perhaps those more technically proficient amongst us could shed some more light on the subject. Here are the relevant links -

https://www.zdnet.com/article/microsoft-windows-apple-macos-linux-bsd-all-hit-by-same-serious-security-flaw/

https://access.redhat.com/security/vulnerabilities/pop_ss

https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1087.html


Footnote:

It seems Linux servers (without a 2013 security patch/plugin) could be exploited to turn them into cryptocurrency miners.

Was just thinking - knowing about this could help protect the new LL server from similar exploitation.



Title: Re: Windows, Apple macOS, Linux, BSD: All hit by same 'serious' security flaw
Post by: trinidad on May 16, 2018, 08:51:15 AM
We've actually been looking at this one, only because it's one of the exceptions to an earlier mitigation and tied to legacy functions. A malingerer so to speak.

https://security-tracker.debian.org/tracker/CVE-2018-7755

I believe what you refer to has been mitigated for Intel back to core 2 duo in Ubuntu LTS.

TC
Title: Re: Windows, Apple macOS, Linux, BSD: All hit by same 'serious' security flaw
Post by: Mart on May 16, 2018, 08:59:55 AM
Thank you Trinidad for your prompt reply.

It was reassuring to get your feedback on this.

Cheers!

Mart.
Title: Re: Windows, Apple macOS, Linux, BSD: All hit by same 'serious' security flaw
Post by: newtusmaximus on May 16, 2018, 12:47:45 PM
TRINIDAD,  Is that back to AND including Core Duo?  Thanks.