Insane bug makes it incredibly easy to hack many Linux systems
Linux is usually touted as the operating system of choice for those concerned about privacy, but a recently discovered bug makes it unbelievably simple to bypass authentication. A vulnerability in Grub2 -- the bootloader used by many Linux distros -- means that all it takes to take control of a computer is to press the backspace key 28 times.
Two researchers from the Cybersecurity Group at Spain's Polytechnic University of Valencia published a paper that reveals just how easy it is to gain access to many Linux systems. It's not a problem that Ubuntu, Red Hat, and Debian users need to worry about too much as patches have already been issued, and users of other distros can make use of an emergency patch in the Grub2 git repository.
While the security issue is laughably simple to exploit, it is somewhat mitigated by the fact that physical access is required, but it is worrying nonetheless. In an article entitled Back to 28: Grub2 Authentication 0-Day, researchers Hector Marco and Ismael Ripoll say that Grub2 versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected.
So how do you know if your system is vulnerable? The researchers explain:
To quickly check if your system is vulnerable, when the Grub ask you the username, press the Backspace 28 times. If your machine reboots or you get a rescue shell then your Grub is affected.
They warn that systems that are vulnerable to the problem could be exploited by an attacker to gain full access to the grub console. Attackers could install unauthorized software or rootkits, and copy or delete data. Full details of the 0-day can be found on Hector Marco's website.
If you need to grab yourself the patch, head over to the Grub2 git repository right now.
Photo credit: Matushchak Anton / Shutterstock