A vulnerability affects Vulnerability-related.DiscoverVulnerability all versions of the OpenSSH client released in the past two decades , ever since the application was released in 1999 . The security bug received Vulnerability-related.PatchVulnerability a patch this week , but since the OpenSSH client is embedded in a multitude of software applications and hardware devices , it will take months , if not years , for the fix to trickle down Vulnerability-related.PatchVulnerability to all affected systems . This particular bug was analyzed Vulnerability-related.DiscoverVulnerability last week by security researchers from Qualys who spotted Vulnerability-related.DiscoverVulnerability a commit in OpenBSD 's OpenSSH source code for a bug report submitted Vulnerability-related.DiscoverVulnerability by Darek Tytko from securitum.pl . After analyzing the commit , researchers realized that the code inadvertently fixed Vulnerability-related.PatchVulnerability a security bug lying dormant in the OpenSSH client since its creation . This bug allows a remote attacker to guess the usernames registered on an OpenSSH server . Since OpenSSH is used with a bunch of technologies ranging from cloud hosting servers to mandate IoT equipment , billions of devices are affected . As researchers explain , the attack scenario relies on an attacker trying to authenticate on an OpenSSH endpoint via a malformed authentication request ( for example , via a truncated packet ) . A vulnerable OpenSSH server would react in two very different ways when this happens . If the username included in the malformed authentication request does not exist , the server responds with authentication failure reply . If the user does exist , the server closes the connection without a reply . This small behavioral detail allows an attacker to guess valid usernames registered on a SSH server . Knowing the exact username may not pose an immediate danger , but it exposes that username to brute-force or dictionary attacks that can also guess its password . Because of OpenSSH 's huge install base , the bug is ideal for both attacks on high-value targets , but also in mass-exploitation scenarios . The bug — tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-15473— has been patched Vulnerability-related.PatchVulnerability in the stable version of OpenSSH —1:6.7p1-1 and 1:7.7p1-1— and the 1:7.7p1-4 unstable branch . Patches have also trickled down Vulnerability-related.PatchVulnerability to Debian , and most likely other Linux distros .

Researchers have discovered Vulnerability-related.DiscoverVulnerability some serious security flaws threatening Linux . These vulnerabilities exist in Vulnerability-related.DiscoverVulnerability Linux systemd component . According to the researchers , the vulnerabilities pose a risk to all systemd-based Linux distros . Allegedly , researchers at Qualys have disclosed Vulnerability-related.DiscoverVulnerability some bugs targeting the Linux systemd component . Systemd provides the core building blocks for Linux and handles major processes after booting . As revealed Vulnerability-related.DiscoverVulnerability , three vulnerabilities have targeted the systemd-journald , which is responsible for data collection and log storage . The vulnerabilities let an attacker gain root privileges on the target device . The researchers state Vulnerability-related.DiscoverVulnerability that these vulnerabilities threaten all Linux distros based on systemd except a few . As stated in their report , “ To the best of our knowledge , all systemd-based Linux distributions are vulnerable Vulnerability-related.DiscoverVulnerability , but SUSE Linux Enterprise 15 , openSUSE Leap 15.0 , and Fedora 28 and 29 are not exploitable because their user space is compiled with GCC ’ s -fstack-clash-protection. ” The three bugs include two different memory corruption flaws ( CVE-2018-16864 and CVE-2018-16865 ) , and an out-of-bounds flaw ( CVE-2018-16866 ) . At first , the researchers accidentally discovered Vulnerability-related.DiscoverVulnerability CVE-2018-16864 while working on an exploit for a previously disclosed vulnerability , Mutagen Astronomy . Then , when they were busy on its PoC , they spotted Vulnerability-related.DiscoverVulnerability the other two bugs . “ We developed Vulnerability-related.DiscoverVulnerability a proof of concept for CVE-2018-16864 that gains eip control on i386… We developed Vulnerability-related.DiscoverVulnerability an exploit for CVE-2018-16865 and CVE-2018-16866 that obtains a local root shell in 10 minutes on i386 and 70 minutes on amd64 , on average. ” Interestingly , the bugs had been around for quite a few years . For now , Red Hat has patched Vulnerability-related.PatchVulnerability the bugs CVE-2018-16864 and CVE-2018-16865 . Whereas , Debian has fixed Vulnerability-related.PatchVulnerability CVE-2018-16866 in the unstable systemd 240-1 release . Other distros will also supposedly release Vulnerability-related.PatchVulnerability the fixes soon . In November 2018 , a Google researcher also highlighted Vulnerability-related.DiscoverVulnerability a critical flaw in Systemd that induced system crashes and hacks .

An exploit in the Android operating system means almost 40 percent of users are vulnerable Vulnerability-related.DiscoverVulnerability to screen-hijacking apps , but it is unlikely to be fixed Vulnerability-related.PatchVulnerability until winter . The bug , which was first spotted Vulnerability-related.DiscoverVulnerability by researchers at Check Point , is caused by a development oversight in Android permissions , which in the past required users to manually grant downloaded applications the ability to display content on top of other app panes . However following complaints from users who found it difficult to manually whitelist each app , the Android 6.0.1 'Marshmallow ' update made this process automatic , which was good news for legitimate apps like WhatsApp and Facebook Messenger . It appears that fix has meant apps hiding malicious codes are able to bypass security also being automatically granted the same access , specifically the 'SYSTEM_ALERT_WINDOW ' permission . According to Google 's own statistics , the vulnerability will be active Vulnerability-related.DiscoverVulnerability on close to 40 percent of all Android devices . `` As a temporary solution , Google applied Vulnerability-related.PatchVulnerability a patch in Android version 6.0.1 that allows the Play Store app to grant run-time permissions , which are later used to grant SYSTEM_ALERT_WINDOW permission to apps installed from the app store , '' the Check Point research team explained in a blog post . `` This means that a malicious app downloaded directly from the app store will be automatically granted this dangerous permission . '' This permission is particularly dangerous as it allows an app to display over any other app , without notifying the user . This means apps are able to display fraudulent adverts or links to content hosting malicious code , which are heavily used in banking Trojans . `` It can also be used by ransomware to create a persistent on-top screen that will prevent non-technical users from accessing their devices , '' explained the team . This particular permissions exploit is used by 74 percent of all ransomware , 57 percent of adware and 14 percent of banker malware , according to the report , clearly demonstrating that this is a widespread tactic in the wild . What 's worrying is that Google has stated that a fix will be available Vulnerability-related.PatchVulnerability in time for the release of Android O , which is n't expected until late summer . In the meantime , Check Point has urged users to beware of dodgy-looking apps and to check the comments left by other users . Although the Play Store is able to police the apps being uploaded to its platform , malicious content is repeatedly bypassing security checks . Check Point recently disclosed the discovery of a new malware strain hidden inside game guides hosted on the Play Store , thought to have infected close to two million Android devices over the past seven months .