Nasty bug with quite simple exploit hits PHP simply in time for the weekend

Nasty bug with very simple exploit hits PHP just in time for the weekend


A crucial vulnerability within the PHP programming language could be trivially exploited to execute malicious code on Home windows units, safety researchers warned as they urged these affected to take motion earlier than the weekend begins.

Inside 24 hours of the vulnerability and accompanying patch being revealed, researchers from the nonprofit safety group Shadowserver reported Web scans designed to establish servers which might be vulnerable to assaults. That—mixed with (1) the convenience of exploitation, (2) the supply of proof-of-concept assault code, (3) the severity of remotely executing code on susceptible machines, and (4) the extensively used XAMPP platform being susceptible by default—has prompted safety practitioners to induce admins examine to see if their PHP servers are affected earlier than beginning the weekend.

When “Greatest Match” is not

“A nasty bug with a quite simple exploit—excellent for a Friday afternoon,” researchers with safety agency WatchTowr wrote.

Learn 16 remaining paragraphs | Feedback

Leave a Reply

Your email address will not be published. Required fields are marked *