It’s the season for the Grinch to ruin your day, but this time it’s not a green fellow with a heart two sizes too small, but a security flaw in Linux affecting Unix/Linux- based operating systems.
The flaw was uncovered by the security experts at AlertLogic. AlertLogic warns that around 65% of web servers on the Internet uses Unix/Linux-based operating systems and this bug hits across all Linux platforms including mobile devices. Android phones could also be vulnerable to attack. The company uncovered the flaw while doing research about e-commerce safety.
The flaw, nicknamed Grinch, allows a hacker to impersonate someone with super-user privileges to access the server and take over that computer or have access to important files. Grinch can create a whole new set of management privileges. The hacker could install any type of programs they wish and even use the computer to attack other computers.
It can affect both home users who run an accounts on wheel and businesses and may be a severe as the Shellshock flaw that hit last fall.
No patches exist to yet to fix it and it’s believed that this flaw is part of the structure of Linux, so the fix needs to come from developers there. Businesses can change their administrative access rules and it was also suggested they install keylogger software to keep an eye out for suspicious activity.
Home users of Linux systems may not be immediate targets for attack, just because only a little over 1% of users are running Linux. But Android could be a much more attractive target for hackers.
As with the attacks on Target last year, there’s always concern that retailers could be a target. As always, watch your credit card and bank statements closely. As for home users, Linux based systems don’t offer security update in the traditional Windows sense, security changes are made to the individual flavors of Linux and a new version of that particular OS would be released. If newer versions are available, you can find them at the site for that particular flavor. For example, updated versions of Ubuntu would be found here. Changes to Linux Mint would be found here.
~ Cynthia