A new bug in existing software that could be particularly damaging to Linux users has been discovered. According to digital security company Qualys, this flaw is a severe danger to computers running off of Linux because it could allow hackers "complete control of the compromised system" after triggering it remotely.
To fight this risk, Qualys and Linux vendors have collaborated on a series of software patches. The source takes pains to point out that this is an implementation issue rather than an inherent design flaw. The official name of the GHOST flaw, which is a shortened form of the function "gethostbyname," is CVE-2015-0235.
ZDNet quoted the CTO of Qualys, Wolfgang Kandek, who described how pressing the GHOST issue currently is. The vulnerability is located within the Linux glibc library and could affect versions of Linux dating back to 2000.
"GHOST poses a remote code execution risk that makes it incredibly easy for an attacker to exploit a machine," Kandek said. "For example, an attacker could send a simple email on a Linux-based system and automatically get complete access to that machine." He suggested that users turn to patches as soon as they can for support, and even those that think they are protected might need to reassess how endangered they could possibly be.
A company that depends upon Linux for their everyday functionality needs to be protected from major security threats like these and can find help with a portal integration tool for their older mainframes. Using a secure, trusted solution, businesses can still access everything they need in a browser-based environment, where they can stay up-to-date with security protocols and work around potentially harmful problems. This is useful when an open-source browser is the dominant software that everyone in your company uses.