Dated Linux bug might be key to lesser Wanna Cry
Older versions of a Linux file-sharing system could be vulnerable to a Wanna Cry-type attack.
Linux, the widely used free operating system, uses a module called Samba to share files in the same way Windows does. Older versions of Samba — 3.5 through 4.4 — are vulnerable to an attack that is similar to, but smaller than, the one behind Wanna Cry, the ransomware that caused a worldwide panic earlier this month.
The Department of Homeland Security’s Computer Emergency Response Team issued an alert about the problem Wednesday.
{mosads}Researchers at Rapid7 discovered more than 100,000 vulnerable systems in a scan of the internet. Even though that’s a substantial number of machines, it is a far less widespread problem than the EternalBlue bug used in the Wanna Cry attacks. Wanna Cry infected more than three times as many machines than Rapid7 found vulnerable to the Samba bug.
The Linux problem has been patched, as was the Windows vulnerability. Versions of Samba newer than 4.4 are safe from the attack. But many users are slow to update systems, something that allowed the spread of Wanna Cry.
For unpatched systems, however, the Samba flaw would be an easy opening for malware to exploit.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..