103
Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days
(www.theregister.com)
This would be fate of all government mandated backdoors.
this post was submitted on 22 Apr 2025
103 points (100.0% liked)
Cybersecurity
8279 readers
50 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
Only for those it would happen in 8s.
*pedantic hat
If it's a backdoor it's by nature already exploited
What's the CVE score?
Sorry. Bad joke on our pain...
CISA picked up funding for the CVE database
https://cybernews.com/security/cve-database-funding-extended-cisa-mitre-corp/
This made my day!
Edit: also, this is from 17-APR, and it's the first I'm seeing this. I wish I could say I've been under a rock, but I was literally looking for, and reading, multiple articles on this near daily, and missed this...
Patch Tuesday is far worse. 8 days is well within the 30 day window they use for releasing exploit fixes. So it isn't even weird. This stuff happens all the time if you don't push security fixes as soon as possible. They prefer to have a nice little monthly day to make the life of companies easier, but it's highly unsafe.
mb guys