0
Some Relief For Linux Admins Living In Terror Of The XZ Backdoor – PC Perspective

Some Relief For Linux Admins Living In Terror Of The XZ Backdoor – PC Perspective

Binary's scanner will reduce the time you spend hunting as well as false positives

Thanks to a curious and technically gifted engineer named Anders Freud, Linux administrators are living in a nightmare world. He discovered a backdoor in the XZ Utils package that contains many tools and libraries at the core of many Linux distros. Usually the solution is to stick to the previous version of XZ Utils as the 5.4.6 stable version does not have this flaw. However those who have upgraded to XZ version 5.6.0 or 5.6.1 need to search through vbyte strings, file hashes and other techniques to find out what is vulnerable on their systems.

Enter Binarly, who have designed a tool that will automatically detect the XZ backdoor by analyzing your binaries. Identify transition manipulation in GNU indirect functions.. This should not only reduce the amount of time you spend searching your system for vulnerabilities, but it will be more accurate than a manual process. It also scans beyond just XZ Utils, to detect if you're already penetrated and if attackers have already turned some of your other utilities into back doors.

You can read more about what the tool does to a bleeping computer, or go straight to xz.fail to start securing your system.

About the Author

Leave a Reply