Critical R Programming Flaw Patched: Update to Thwart Code Execution Attacks
May 2, 2024![Critical R Programming Flaw Patched: Update to Thwart Code Execution Attacks](https://cdn.brief.news/images/stories/b91ba1aa242591c43af049b50dbcae7681ecf9baed4e78cf894355d1a0c6c9749f037fdf5537ff328f0e258cff52a6781b1a218c59d6074b77687ab01d0336c4.jpg)
The R programming language patched a critical vulnerability, CVE-2024-27322, allowing arbitrary code execution via RDS and RDX files.
Over 135,000 R source files were found to be affected by this high-risk vulnerability.
Sharing of RDS and RDX files among developers and data scientists opens an effective attack vector.
R Core version 4.4.0 contains fixes and should be updated to immediately to mitigate risks.
Organizations utilizing R must evaluate their risk and update their systems as a protective measure.
The widespread use of R and the readRDS function amplifies the potential impact of the vulnerability.
The US government and education sectors have faced joint malware attacks, and Canadian pharmacy chain London Drugs experienced a cybersecurity incident.
HiddenLayer's AISec Platform aims to offer additional protection against such vulnerabilities in its upcoming Q2 release.
The incident underscores the necessity for continuous vigilance and prompt updates in cybersecurity.
Summary based on 4 sources
Get a daily email with more Tech stories
Sources
![Open source programming language R patches critical arbitrary code exec flaw](https://cdn.brief.news/images/links/b91ba1aa242591c43af049b50dbcae7681ecf9baed4e78cf894355d1a0c6c9749f037fdf5537ff328f0e258cff52a6781b1a218c59d6074b77687ab01d0336c4.png)
The Register • May 1, 2024
Open source programming language R patches critical arbitrary code exec flaw![Supply chain attacks likely with exploitation of novel R programing bug](https://cdn.brief.news/images/links/c6307ea05734751f683810be5df60b9468d4d4bb757f041e7692bc2223f21616d19f1b291f97d03e4ecca8b4b47406f9dd8c5154c6725fe2ede112d175951051.jpg)
SC Media • Apr 30, 2024
Supply chain attacks likely with exploitation of novel R programing bug![CVE-2024-27322 Vulnerability Found in R Programming Language](https://cdn.brief.news/images/links/4d65388c90867cdc6a21ad0fe4f1aedebd33ba3cb9a7c020be77c6fa05fffd304aa646bf2ddc51db3193006ed89fcdcdb0b81400855244e73f7345313e859d87.png)
Security Boulevard • May 1, 2024
CVE-2024-27322 Vulnerability Found in R Programming Language![A flaw in the R programming language could allow code execution](https://cdn.brief.news/images/links/50a4c7768c62c7063e92f6e052361e8c57ea060c9b3736aee61558d71d9ae69c547272712684d61eeedc5b4653247d2e9bf65973e17e799dd18d002a2c040ded.jpg)
Security Affairs • May 1, 2024
A flaw in the R programming language could allow code execution