Critical Backdoor in xz-utils Threatens Linux and macOS Security
April 1, 2024![Critical Backdoor in xz-utils Threatens Linux and macOS Security](https://cdn.brief.news/images/stories/664773ee57d95dfabb7be510a350d53edd13dea6ff8832f7c6c99588e90fcce13fceb4c1a267bddd22bcab26dafe33458365f4eb69b2aabb3814df0f760a4f62.png)
A critical security flaw was discovered in xz-utils, a compression software for Linux and macOS, on March 29th, 2024.
Affected versions are 5.6.0 and 5.6.1, which contain a vulnerability that could allow unauthorized system access.
The flaw can be exploited remotely via public SSH ports, risking system integrity.
Software engineer Andres Freund of Microsoft identified the backdoor and alerted Debian and other Linux distributions.
The vulnerability is specifically in the liblzma library within the SSH daemon application.
The discovery underscores the importance of enhanced security for open-source software.
Users should update their systems as recommended by their Linux distribution and inspect for compromised information.
Summary based on 3 sources
Get a daily email with more Tech stories
Sources
![XZ Utils backdoor update: Which Linux distros are affected and what can you do? - Help Net Security](https://cdn.brief.news/images/links/664773ee57d95dfabb7be510a350d53edd13dea6ff8832f7c6c99588e90fcce13fceb4c1a267bddd22bcab26dafe33458365f4eb69b2aabb3814df0f760a4f62.png)
Help Net Security • Mar 31, 2024
XZ Utils backdoor update: Which Linux distros are affected and what can you do? - Help Net Security![An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections](https://cdn.brief.news/images/links/92eb9967be52408c83ff39d802db52db06e6cd7fc75e7831988cd25e3daf9b22a9e5fa990a34a6b3767a006b499a00697398a9f5a24ec341058be9afe45e2c73.jpg)
Security Boulevard • Mar 30, 2024
An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections![What You Need to Know About the XZ Utils Backdoor](https://cdn.brief.news/images/links/d1b85228781f4bf65a59e9aa1b6379bb7390127d741e3035bcb31503a1a0b2a47f437e75c94d6442140f82a7b93cdf6d5bcbb5f454e49ea8da31f66e526f49c6.png)
Security Boulevard • Mar 30, 2024
What You Need to Know About the XZ Utils Backdoor