Share this article

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Attention Linux users! Hidden backdoor found in XZ Utils, Microsoft warns

Only XZ Utils 5.6.0 and 5.6.1 come with a hidden backdoor

2 min. read

Published onApril 2, 2024

published onApril 2, 2024

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Linux has always been a more secure system than Windows, but that doesn’t mean that Linux is safe from all threats.

Speaking of which, according to the reports, several versions of Linux were affected by a critical vulnerability recently.

Two versions of XZ Utils in Linux come with a hidden backdoor

AsNeowin writes,Microsoft released a FAQ on XZ Utilsthat was discovered recently in Linux. The vulnerability has been identified as CVE-2024-3094 and it has been deemed as critical.

It was first discovered by a Microsoft employee by accident while investigating SSH issues on the Debian system. According to the employee, he noticed unusual behavior with XZ Utils, which led to the discovery of a backdoor.

With this backdoor, a hacker with the correct private key can abuse the SSH operations and gain root access to the system.

The backdoor uses a five-stage loader that allows the hacker to perform arbitrary commands remotely.

The good news is that only versions 5.6.0 and 5.6.1 of XZ Utils come with a backdoor, meaning that older versions are unaffected.

As for affected distributions, the following have this backdoor on them:

To check if your device is affected, Microsoft suggests the following:

In order news,Microsoft engineers have improved Rust integration in Linuxwith module initialization patches.

More about the topics:Linux,security threats

Milan Stanojevic

Windows Toubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He’s a PC enthusiast and he spends most of his time learning about computers and technology.

Before joining WindowsReport, he worked as a front-end web developer. Now, he’s one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Milan Stanojevic

Windows Toubleshooting Expert

Before joining WindowsReport, he worked as a front-end web developer. Now, he’s specialized in Windows errors & software issues.

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Attention Linux users! Hidden backdoor found in XZ Utils, Microsoft warns#

Two versions of XZ Utils in Linux come with a hidden backdoor#