Tuesday, May 20, 2008

Technology Review: Alarming Open-Source Security Holes

Yikes -- see the full article for more context

In plainer language: after a week of analysis, we now know that two changed lines of code have created profound security vulnerabilities in at least four different open-source operating systems, 25 different application programs, and millions of individual computer systems on the Internet. And even though the vulnerability was discovered on May 13 and a patch has been distributed, installing the patch doesn't repair the damage to the compromised systems. What's even more alarming is that some computers may be compromised even though they aren't running the suspect code.

Technology Review: Alarming Open-Source Security Holes

No comments: