February 10, 2021 10:43 pm
Original Link: https://www.theverge.com/2021/2/10/22276857/security-researcher-repository-exploit-apple-microsoft-vulnerability
Security researcher finds a way to run code on Apple, PayPal, and Microsofts systems
Security researcher Alex Birsan has found a security vulnerability that allowed him to run code on servers owned by Apple, Microsoft, PayPal, and over 30 other companies (via Bleeping Computer). The exploit is also deviously simple, and it’s something that many large software developers will have to figure out how to protect themselves from.
The exploit takes advantage of a relatively simple trick: replacing private packages with public ones. When companies are building programs, they often use open-source code written by other people, so they’re not spending time and resources solving a problem that’s already solved. For example, I’ve worked on websites that had to convert text files to webpages in real time. Instead of writing code to...
Original Link: https://www.theverge.com/2021/2/10/22276857/security-researcher-repository-exploit-apple-microsoft-vulnerability
Share this article:
Tweet
View Full Article
The Verge
The Verge is an ambitious multimedia effort founded in 2011More About this Source Visit The Verge