Tag: patching

A few months ago we had Daylight Savings Time. My parents were delighted to discover that “the clock” in their car automatically adjusted itself, as did their computer. But now they had to change the two clocks in their bedroom, the two clocks in the kitchen, and several others around the house. How did the […]

The big cybersecurity news of the past couple of weeks has been the WannaCry worm. It took advantage of some rather old bugs, dating back to Windows XP and Windows Server 2003. We got lucky! The vulnerability, the problems in the targets, allowed unlimited abuse. But the exploit, the attackers’ code, had a built-in “kill […]

I was recently doing some work at a Major Financial Institution when I overheard two systems engineers comparing notes: “I have to install that Bash shell patch on my servers by the end of next month.” “Hah! My servers don’t have to have it until the end of the month after that! Guys, please. Patch […]

  The security world came abuzz recently when a very serious bug was announced in the GNU Bash shell. It’s a bad one, easy to exploit and with serious results. The new trend is to give a significant bug a catchy name and logo, and this one quickly became known as Shellshock. Here is a […]

Vulnerability CVE-2012-0056 is a nasty one if you’re running a Linux kernel release 2.6.39 through 3.2.1. The exploit is a privilege escalation attack, meaning that the attacker has to get a foothold on your system. But once the attack has an unprivileged process on your system, its privileges can be elevated to root. Game over. […]