https://www.evilsocket.net/202...

The issue(s)
- Does NOT affect all GNU/Linux systems.
- Is not CVSS 9.9. I put it at a 6.3

It also requires:
1) The victim system has no active firewall to block incoming connections.
2) A user on the victim system must print something to a printer that mysteriously appears on the system that has never been there before.

If these two things happen, then command execution can happen as the "lp" user.

Yes, I've read the vulnerability report and have reproduced it. You'll get the details when the agreed upon disclose date arrives.

As for the firewall, just blocking incoming connections it sufficient for protection. On Ubuntu, this should do it: sudo ufw enable

This is provably incorrect.

The thread that the title comes from is from a Twitter user that later stated about the issue: "And YES: I LOVE hyping the sh1t out of this stuff because apparently sensationalism is the only language that forces these people to fix. "

As such, every single thing about the topic should be taken with a grain of salt. Starting with systems affected (it's not all GNU/Linux) and also CVSS score (I score it as a 6.3 instead of 9.9). Use your imagination to decide how much of what was posted is based on fact as opposed to fantasy.

For starters, only systems without an enabled firewall are exploitable. (Note: Ubuntu doesn't enable a firewall by default for reasons I cannot fathom).
Secondly, the attack requires the victim to take a specific implausible action for the attack to work.

There's really nothing to see here. Spending your time thinking about any other vulnerability or attack vector would be a much better use of your time.

"Every distribution in existence" is an obvious exaggeration.

For example, the current Ubuntu (24.04) and Debian (12.6.0) ISOs use a UEFI boot image that indicates that it's vulnerable (shim,2), and therefore will fail to boot with SecureBoot enabled when this SBAT is installed.
Similarly, an installed (and fully updated) Ubuntu 22.04 instance also provides a UEFI boot image that indicates that it's vulnerable (shim,3), and therefore is unbootable with SecureBoot with the recent SBAT update.

Yes, it's unfortunate that Microsoft has pushed out an update that affects non-Windows things. But when the Linux distributions today have failed to properly update things in response to a two-year-old vulnerability, yeah, there will be consequences.

https://infosec.exchange/@wdor...

Perhaps you're not familiar with how security research works. Stopping at "is this being exploited in the wild now?" is shortsighted.

For some background, read:
https://blog.osvdb.org/2017/08...
(about "L0pht, Making the theoretical practical since 1992." )

Except there isn't a DLL hijacking vulnerability at all. The CIA "issue" is that on an already-compromised computer, an administrator-privileged attacker can replace a Notepad++ DLL with one that does something else.

Notepad++ itself cannot do anything to protect itself from being hijacked in such a way.

From the Notepad++ page (and even the Slashdot summary): "Note that once usersâ(TM) PCs are compromised, the hackers can do anything on the PCs."

Repeat after me: If my computer is compromised, there's nothing that any individual app on the system can do to protect itself from being hijacked.

There's nothing to see here.

Do you have any suggestions for such alternatives?

What am I getting for 3x the price?

You are getting a phone that won't be immediately abandoned, like most other Android phones. You are paying for the support contract.

What does one get out of a support contract? Security updates. Sure, you can save money on a cheaper phone. Just make sure that you factor in the cost of a potential device compromise due to lacking security updates.

Multiple vendors really helps the Android user to get what they want.

Sure, if it's the feature set that you're talking about. If you want a new phone that isn't abandoned update-wise a year or less after you get it, you have one Android option: the Pixel.

I am viewing that setting through the process you described. It's well-known that Uber pushed out the change to remove the "while using" option at the beginning of December. https://www.eff.org/deeplinks/...

I'd say that you should consider yourself lucky to be the outlier. How you got there, I have no idea...

Interesting claim. Can you please indicate where one selects "While Using" in the settings here:
http://i.imgur.com/Qb6YdLe.jpg

This is from Uber 3.225.3 on iOS 10.2.

That's what WebRTC is for. After determine your computer's internal address, it's pretty trivial to guess (or bruteforce) your router's address.

It's remotely exploitable with no user interaction if the web admin stuff is exposed to the internet. If the remote web admin is not enabled, then it's exploitable as the result of a user on the network viewing a malicious or compromised website.

Changing the IP address or subnet of your router will only stop the laziest/inept of attackers.