Vulnerabilities don’t get much worse than cases where typing the right characters into a chat box gives you remote access to the world’s Minecraft servers. Whoops.
It’s been termed the worst hack in history, primarily by those seeking cheap clicks, but still…it’s not good. The CVE is rated a 10.0.
The vulnerability will “haunt the Internet for years” (according to some). The reason is that it’s not a front-line or top-stack component but rather something that’s bolted-on as needed at various places in the Java ecosystem. The problem is identifying where it’s in use – your own code, vendor products, open source dependencies, etc.
Interestingly, this may give a boost to those demanding a “software bill of materials”. You can’t buy a piece of industrial equipment without being told all the hazardous materials involved, etc., so why not receive a similar safety list when buying software?
Patches for this vulnerability are already available. The typical LowEndBox reader is less likely to be running a lot of Java…but it does show up in places like Minecraft and also most enterprisey software. Just update already.
Related Posts:
- We are Social Butterflies!Check Us Out Wherever You Browse, View, or Tap! - December 23, 2024
- Let’s Celebrate the Winter Solstice with Awesome Deals and a Free Bonus Code for RackNerd’s Giveaway! - December 22, 2024
- MetWeb has a 30% Off Deal on Cheap VPS Offers in Utah for Our Readers! - December 21, 2024
Leave a Reply