Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

28x →

December 31, 2015 by Marc Handelman in All is Information, Brilliant, Information Security, Operating System Security, OpenSource, Operating Systems

Old, as these things go, yet truly the most glaring example of operating system failures yet seen, this time in Linus's Linux (Full Disclosure: We are heavy users of at least three Linux distro's)... Comes this outstandling and outrageous vulnerability, starting in 2009's release of Grub (also known as the Grand United Bootloader) all the way down through the ages to today 2015! The Dr's Marco and Ripoll of this embroglio-laden code expound further:

"A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer. Grub2 is the bootloader used by most Linux systems including some embedded systems. This results in an incalculable number of affected devices." - via Hector Marco, Ph.D. & Professor Ismael Ripoll, Ph.D., Cybersecurity Group.

December 31, 2015 /Marc Handelman
All is Information, Brilliant, Information Security, Operating System Security, OpenSource, Operating Systems
  • Newer
  • Older