The Linux kernel folks "silently" pushed out a patch for a critical privilege escalation bug this week. It was for a hole that could allow an attacker to execute code at the root level from any GUI application. The patch took two months after the flaw was reported on June 17, researchers say. SUSE engineers claim they originally found it, reported it and patched it in SUSE way back in September, 2004, says the security blog The H. But the SUSE patch never made its way into the kernel at that time.
Msg#: 4189773 posted 4:40 pm on Aug 20, 2010 (gmt 0)
When Microsoft issues a security patch, potential hackers have to disassemble the binary code and try to find the hole that patch fixed. With Linux it is much easier. You just download the kernel source code versions from just before and after the patch release. A source code comparison will exactly tell you which problem was present in the kernel.
Everyone with basic programming knowledge can do that. We will probably see a massive attack on unpatched Linux systems in the coming period.
Msg#: 4189773 posted 5:02 pm on Aug 20, 2010 (gmt 0)
lammert - It actually wasn't terribly silent nor hard to spot. Ubuntu this morning offered me "Important security updates", and clicking the Details button showed there were several kernel fixes to stack memory handling. That sounds like the bug which was described.
Of course, with Windows we'd be waiting for a corporation to consider blessing us with a fix because there's no stable option for users to contribute and distribute fixes.
Msg#: 4189773 posted 9:57 am on Aug 25, 2010 (gmt 0)
@lammert, I doubt that there will be a massive attack because exploiting this requires either a locally installed malicious or compromised GUI app. Someone that far into the system can already do a lot of damage.