Crazy Linux Bug endangers Windows

A vulnerability in Linux can always affect Windows users – as many servers in the network work with the alternative operating system.

O ne of vulnerability in the Linux kernel allows attackers to modify traffic or prevent at least. Criminals need to know little more than the IP addresses of the data-exchange computer there smuggle about malicious code. The method demonstrated safety researchers at the University of California as part of this year’s USENIX security conference. As a YouTube video to a (supplied) attack shows, the researchers tested, the contents of the news website “USA Today” could replace with your own content. The danger: In the same way could be, for example by exploiting other vulnerabilities, distribute malicious code while looking completely harmless websites. The works may be, when a Web server, the IP address is of course known about advertising from ad networks fades – whose IPs are finally known. Criminals may foist by RFC Vulnerability instead of advertising malicious code. In fact, they were able to date, because: The kernel developers have already responded and Linux patches released that practically already deliver all distributions. Windows users also protect against unpatched servers by a good security suite. In addition, manipulation of delivered via HTTPS sites are not so far been possible.

Security suites 2016: The big this website test

26 results

Eset, G Data, Kaspersky & Co.

When well-meaning is the opposite of good

Cause of vulnerability is a new standard for the data transmission protocol “TCP”, published until of 2010. Almost tragically: Linux is concerned, because the ambitious developers have the RFC 5961 fully implemented since 2012 Design. Windows and Mac OS X are probably only therefore not affected because Microsoft and Apple are still not so far. The “RFC standards” come the way of the Internet Engineering Task Force IETF – and has an ambitious goal: The organization of security researchers and technicians will ensure that the Internet works better. And the Linux developers set the RFC usually very fast to, just so that their operating system is more secure. Here at least that is gone wrong thoroughly how the technology blog Ars Technica security researchers Zhiyun Qian cited: The debt question is tricky because “the RFC is written in a way that it can be problematic when an operating system will implement one to one. I think the responsibility [for the vulnerability] is both the RFC and in the implementation “.

Security Newsletter

You’re almost there!

Lightning fast informed about patches

and current vulnerabilities.

To complete your order, please click

on the confirmation link that you just via mail

got.

Please enter your e-mail address.

All Newsletter Overview