Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Provides She Lost That Lovin’ Feeling?

    April 1, 2023

    The Risks and Controversies Surrounding Soap2day

    April 1, 2023

    ColombianCupid Review – What Do We Realize About It?

    April 1, 2023
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    NorstratNorstrat
    Subscribe
    • Home
    • Tech News
    • Business
    • Automobile
    • Fashion
    • Norstrat Special
    • Contact Us
    NorstratNorstrat
    Home»Tech News»Git For Windows Issues Update To Fix Running-Someone-Else’s-Code Vulnerability
    Tech News

    Git For Windows Issues Update To Fix Running-Someone-Else’s-Code Vulnerability

    uzairBy uzairFebruary 17, 2023No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Git For Windows Issues Update To Fix Running-Someone-Else's-Code Vulnerability
    Share
    Facebook Twitter LinkedIn Pinterest Email

    The Git team has issued an update to fix a bug in Git for Windows that “affects multi-user hardware where untrusted parties have write access to the same hard disk,” reports The Register. Specifically, the update is concerned with CVE-2022-24765. From the report: Arguably, if an “untrusted party” has write access to a hard disk, then all bets are off when it comes to the nooks and crannies of a PC anyway. In this case, the miscreants would only need to create the folder c:.git, “which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory,” according to NIST. The result is that Git would use the config in the directory. NIST went on to list potentially vulnerable products, which included Visual Studio. “Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash.” The Git team was little blunter about the vulnerability, and warned that “Merely having a Git-aware prompt that runs ‘git status’ (or ‘git diff’) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.” […] To deal with the issue, the Git team recommends an update. Alternatively, a user could create that .git folder themselves and remove read/write access as workaround or “define or extend ‘GIT_CEILING_DIRECTORIES’ to cover the parent directory of the user profile,” according to NIST.Read more of this story at Slashdot.
    Click here to read full news..

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Avatar
    uzair

    Related Posts

    Maximizing Revenue with Android Mobile App Development: Strategies for Monetization and User Acquisition

    March 14, 2023

    Green Texts In IMessages Nudges Teens To Use IPhones

    February 20, 2023

    Microsoft Names Info-Stealers That Target Crypto Wallets ‘Cryware

    February 20, 2023

    Leave A Reply Cancel Reply

    Don't Miss

    Provides She Lost That Lovin’ Feeling?

    Norstrat Special April 1, 2023

    We’ve all been there. You had been engaged in a connection which started off fantastic.…

    The Risks and Controversies Surrounding Soap2day

    April 1, 2023

    ColombianCupid Review – What Do We Realize About It?

    April 1, 2023

    You Regret Sending that Text – So What Now?

    March 31, 2023
    About Us
    About Us

    Norstrat is a corporation located in Canada that works to assist individuals in the process of growing their businesses in an automated manner.

    Our Picks

    Provides She Lost That Lovin’ Feeling?

    April 1, 2023

    The Risks and Controversies Surrounding Soap2day

    April 1, 2023

    ColombianCupid Review – What Do We Realize About It?

    April 1, 2023
    Navigate Quickly
    • Norstrat Special
    • Tech News
    • Business
    • Fashion
    • Contact Us
    Facebook Twitter Instagram Pinterest
    © Norstrat 2023 All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.