Saturday, 26 December 2015

Grub Vulnerability : You can Hack into a Linux PC/ laptop just by pressing ‘Backspace’ 28 times


Most of us swear by Linux as a super secure operating
system but two security researchers from Spain have
discovered a unique vulnerability in Linux which could
give even a noob access to a Linux powered PC.



Here's How to Exploit the Linux Vulnerability
If your computer system is vulnerable to this bug:
Just hit the backspace key 28 times at the Grub
username prompt during power-up. This will open a
"Grub rescue shell" under Grub2 versions 1.98 to
version 2.02.

This rescue shell allows unauthenticated access to a
computer and the ability to load another environment.
From this shell, any potential attacker could gain
access to all the data on a Linux computer, and can
misuse it to steal or delete all the data, or install
persistent malware or rootkit, according to researchers
Ismael Ripoll and Hector Marco, who published their
research on Tuesday.

According to Ripoll and Marco, the Grub vulnerability
affects Linux systems from December 2009 to the
present date. They have stated that even some older
Linux PCs may be affected by this bug.

Patch
The good news is the researchers have made an
emergency patch to fix the Grub2 vulnerability. So if
you are a Linux user and worried your system might be
vulnerable, you can apply this emergency patch,
available here

Meanwhile, many major distributions, including
Ubuntu , Red Hat , and Debian have also released
emergency patches to fix the issue.

Share this

0 Comment to "Grub Vulnerability : You can Hack into a Linux PC/ laptop just by pressing ‘Backspace’ 28 times"

Post a Comment