Vulnerabilities don’t get much worse than cases where typing the right characters into a chat box gives you remote access to the world’s Minecraft servers. Whoops.
It’s been termed the worst hack in history, primarily by those seeking cheap clicks, but still…it’s not good. The CVE is rated a 10.0.
The vulnerability will “haunt the Internet for years” (according to some). The reason is that it’s not a front-line or top-stack component but rather something that’s bolted-on as needed at various places in the Java ecosystem. The problem is identifying where it’s in use – your own code, vendor products, open source dependencies, etc.
Interestingly, this may give a boost to those demanding a “software bill of materials”. You can’t buy a piece of industrial equipment without being told all the hazardous materials involved, etc., so why not receive a similar safety list when buying software?
Patches for this vulnerability are already available. The typical LowEndBox reader is less likely to be running a lot of Java…but it does show up in places like Minecraft and also most enterprisey software. Just update already.
Related Posts:
- Bluesky has Flopped: How Mashable is Lying To You - January 18, 2025
- Bonus Code Friday!Vote For Your Favorite Video Game to Play on the Arcade You Could Win from RackNerd! - January 17, 2025
- VeloxMedia has Awesome Dedicated Servers Deals in Seattle and California! Plus a Sneaker VPS Deal… - January 17, 2025
Leave a Reply