Blog post

Microsoft post on Linux vulnerability omits key details

Microsoft released a long essay on flaws that could lead to escalation of privileges on Linux systems, which he collectively called Nimbuspwn, but failed to mention that none of these flaws can be exploited remotely.

Anyone wishing to exploit these flaws would need access to the Linux machine in question.

iTWire confirmed this from Jonathan Bar Or, Security Research Architect for Microsoft Defender for Cross-Platform.

In response to a question asking if the flaws could be exploited remotely, Bar Or replied, “These are local elevation of privilege vulnerabilities, not remote. The four vulnerabilities we mention are local.”






The software in question that is open to attack is networkd-dispatcher, a dispatch service for systemd-networkd connection state changes. It is not found on most Linux systems and is missing from the author’s Debian 11 system.

For the uninitiated, systemd is a kind of system and service manager that controls many functions on many Linux systems.

In the past, such local escalation of privilege vulnerabilities has never been made public to the extent that these four flaws have been. The reason was that no security journalist worth his salt would write about such flaws.

The essential reason is that once he has physical access to a machine, all bets are off as an attacker can use one of countless ways to gain access to the innards of the box.

Surprisingly, Dan Goodin, a veteran security reporter from Ars-Technica, writing the blog post. It was the same Ionut Ilascu of the website beeping computer and Jeff Burt of The register.

iTWire also reached out to Microsoft executives who are listed as media contacts to ask a similar question, but they did not respond to a question about whether these flaws were remotely exploitable.

Microsoft has a media hotline in Sydney, but no one answered the phone Wednesday morning when iTWire tried to make contact.

SONICWALL CYBER THREAT REPORT 2022

The last year has seen a meteoric rise in ransomware incidents around the world.

Over the past 12 months, threat researchers at SonicWall Capture Labs have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available through the SonicWall Cyber ​​Threat Report 2022, which ensures that SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the growing wave of cybercrime.

Click the button below to get the report.

GET A REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It’s all about webinars.

Marketing budgets are now focused on webinars combined with lead generation.

If you want to promote a webinar, we recommend at least a 3-4 week campaign before your event.

The iTWire campaign will include numerous advertisements on our news site itwire.com and a major newsletter promotion https://itwire.com/itwire-update.html and promotional and editorial news. Plus a keynote speaker video interview on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in promotional messages on the iTWire homepage.

Now that we are coming out of Lockdown, iTWire will focus on supporting your webinars and campaigns and providing support through partial payments and extended terms, a Webinar Business Booster pack and other support programs. We can also create your advertisements and written content and coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!