Microsoft Engineer Uncovers Major Linux Flaw; BSI Urges Swift Action

April 6, 2024
Microsoft Engineer Uncovers Major Linux Flaw; BSI Urges Swift Action
  • Andres Freund, a Microsoft software engineer, uncovered a critical security flaw in 'XZ Utils', a key Linux tool.

  • The German Federal Office for Information Security (BSI) has labeled the flaw as 'business-critical' and issued a warning.

  • IT administrators are strongly advised to promptly address the risk by checking for compromised 'XZ Utils' versions, especially 5.6.0 and 5.6.1.

  • Linux developers have been notified by Freund and have released updates to correct the vulnerability.

  • No evidence suggests that the vulnerability was exploited by hackers before Freund's discovery.

  • The incident highlights the importance of enhanced security protocols for the open-source software supply chain.

Summary based on 12 sources


Get a daily email with more World News stories

Related Stories