Users need to upgrade their Ubuntu system

May 27, 2015 14:17 GMT  ·  By

A new NTFS-3G vulnerability-related patch has been published for Ubuntu 15.04 (Vivid Vervet), and it looks that an annoying problem has been closed, finally.

Some of the Ubuntu users might remember that just last week a patch was released for an NTFS-3G vulnerability that could have allowed the library to overwrite files as the administrator. NTFS-3G is the component that deal with read/write NTFS driver for FUSE.

"USN-2617-1 fixed a vulnerability in NTFS-3G. The original patch did not completely address the issue. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges," is noted in the security update.

These kinds of problems don't happen all that often, but they are usually caught in time, and a new patch is quickly released. It's much more likely to see regressions, but those are fixed pretty fast too.

In order to correct the problem, users just need to upgrade their systems. Only the Ubuntu 15.04 edition has been affected, so if you're using any of the other distros in the Ubuntu family you should be safe.

You can also use the terminal and enter the following commands (root is needed):

code
sudo apt-get update
sudo apt-get dist-upgrade