Critical Bug Affects Git Clients for Windows and Mac – Update

Spread the love

The official Git clients and related software for Mac and Windows contain a critical bug that makes it possible to take over a computer. The popular GitHub is actively warning users about the vulnerability, for which a fix has been released.

Git writes that the bug mainly affects developers with Windows and Mac. This is a problem that only affects clients that can access repositories. As a result, the popular github.com and GitHub Enterprise are not directly vulnerable to the vulnerability.

The bug allows an attacker to overwrite the Git configuration file, as well as the similar Mercurial program, if he wants to clone or check a file. As a result, arbitrary commands can be executed, with which, in extreme cases, a computer can be taken over. Windows and Mac clients are vulnerable to this, but those for Linux are in principle not.

The popular GitHub, where developers share Git code, strongly encourages all users to update their Git clients to the latest version, available immediately. They also reportedly need to be careful about cloning and accessing repositories hosted on insecure or untrustworthy hosts. Repos on GitHub are not vulnerable, because the organization claims to check for the vulnerability.

Update, Sunday – Following some confusion about Git and GitHub the article clarified slightly. In addition, factual inaccuracies, as far as known, have been removed.

You might also like
Exit mobile version