Zero-Day Attack Prompts Emergency Patch for Bitmessage Client

Discussion in '0-day Release' started by silversurfer, Feb 14, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    An emergency update released on Tuesday for the PyBitmessage application patches a critical remote code execution vulnerability that has been exploited in attacks.

    Bitmessage is a decentralized and trustless communications protocol that can be used for sending encrypted messages to one or multiple users. PyBitmessage is the official client for Bitmessage.

    Bitmessage developers have issued a warning for a zero-day flaw that has been exploited against some users running PyBitmessage 0.6.2.

    The security hole, described as a message encoding bug, has been patched with the release of version 0.6.3.2, but since PyBitmessage 0.6.1 is not affected by the flaw, downgrading is also an option for mitigating potential attacks.

    Full Article: https://www.securityweek.com/zero-day-attack-prompts-emergency-patch-bitmessage-client
     
    Der.Reisende and RGiskardR like this.
  2. Google Adsense

Share This Page