Tux Machines

Microsoft FUD/Scremongering About GNU/Linux and FIPS 140-2 Validation

Posted by Roy Schestowitz on Oct 11, 2023

Krita 5.2 released
Fedora Slimbook Linux Laptop Launched with 3K Display, NVIDIA GeForce RTX 3050 Ti

GNOME users at risk of RCE attack (CVE-2023-43641) [Ed: Kevin Backhouse, on Microsoft payroll, keeps spouting out some anti-Linux security FUD every few months while his employer, Microsoft, puts back doors in everything]

↺ GNOME users at risk of RCE attack (CVE-2023-43641)
If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library.

One-Click 'Gnome' Exploit Is a Supply Chain Risk for Linux OSes [Ed: The same Microsoft employees keep "Linux" in the news in relation to security issues while Microsoft plants very high high severity flaws and back doors]

↺ One-Click 'Gnome' Exploit Is a Supply Chain Risk for Linux OSes
Researchers have uncovered a vulnerability in a library within the GNOME desktop environment for Linux systems. If embedded in a malicious link, it could enable attackers to perform machine takeover in an instant.

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems [Ed: It is one particular application under very particular conditions, not "Linux"]

↺ One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems
A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems.

Digi International Announces FIPS 140-2 Validation for Cryptographic Security on All Digi Accelerated Linux Based Solutions

↺ Digi International Announces FIPS 140-2 Validation for Cryptographic Security on All Digi Accelerated Linux Based Solutions
-Digi International, (NASDAQ: DGII, www.digi.com), a leading global provider of Internet of Things (IoT) connectivity products and services, today announced a significant advancement in its product security with the integration of FIPS 140-2 federally-validated cryptography across its entire line of cellular routers and other devices based on the Digi Accelerated Linux Operating System (DAL OS). This enhancement positions Digi as an ideal solution provider for the government sector — including government agencies and contractors, and police forces, as well as financial institutions, medical facilities and other industries that handle sensitive information and require high levels of security.
gemini.tuxmachines.org