Microsoft has published an important security advisory regarding a backdoor vulnerability (CVE-2024-3094) discovered in the widely used XZ Utils file compressor. This serious flaw, which has a maximum severity score of 10.0 on the CVSS scale, affects many popular Linux distributions, including Fedora, Kali Linux, OpenSUSE, and Alpine Linux. This vulnerability could have a large-scale global impact.

Andres Freund investigated the 500 millisecond latency of SSH connections

Fortunately, Microsoft Linux developer Andres Freund came across this issue while investigating a suspicious SSH connection latency of 500 milliseconds. discovered a malicious backdoor built into the XZ software.

At the time of this writing, only four of 63 security providers on VirtusTotal have correctly flagged this exploit as malicious. This incident highlights the importance of caution, as many users may have missed a seemingly minor delay. It also highlights the potential vulnerability of open source software to attackers.

If you are concerned about the security of your system, versions 5.6.0 and 5.6.1 of XZ Utils have been confirmed to be compromised. The US Cybersecurity and Infrastructure Security Agency (CISA) recommends using older, verified software versions as a precaution.

Various third-party tools can also help detect vulnerabilities. Security firms Qualys and Binarly offer free scanners:

• Qualifications: Look for VULNSIGS version 2.6.15-6 with Vulnerability ID (QID) “379548”.
• Binary file: This free XZ backdoor scanner displays a message like “XZ Malicious Implant Detected” if your system is infected.