Update git. It has an RCE vulnerability

There is a new version of git, including for Windows, including VSTS, that you should move to immediately.

https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/

Turns out there is a remote code execution vuln in git at the "protocol" level and a malicious repo can really cause a mess.  Update right away.

This news brief brought to you by Application Security Weekly.  Now back to your regularly scheduled cat video.

 

He's so proud of his catch until he realizes...it's all a lie from r/aww

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList