Canonical has fixed a major security vulnerability & mdash on Ubuntu14.04LTS, which may allow attackers to obtain a user account without entering a password. & Ldquo; lock bypass & rdquo; the problem was published on Launchpad earlier this week. vulnerability fix has now been released. It describes a method to access user accounts that use the new Unity lock screen and are in the lock status without authorization. How can this problem be solved?
Canonical has fixed a major security vulnerability on Ubuntu 14.04 LTS-which may allow attackers to obtain a user account without entering a password.
The "lock bypass" issue was published on Launchpad earlier this week. Vulnerability fixes have now been released.
It describes a method to access user accounts that use the new Unity lock screen and are in the lock status without authorization.
What should we do? Right-click the indicator program until the Alt + F2 shortcut key works. In this case, you can issue a command to open the program, access the date, or even run'Compiz-replace'Command to open the session.
A video of the vulnerability demonstration can be viewed on YouTube.
This vulnerability only affects the local environment and cannot be remotely run.
Ubuntu 14.04Download, install, configure related knowledge http://www.linuxidc.com/Linux/2014-04/100370.htm
Ubuntu 14.04: Http://www.linuxidc.com/Linux/2014-04/100352.htm
Ubuntu 14.04 text tutorial on hard drive installation in Windows 7Http://www.linuxidc.com/Linux/2014-04/100983.htm
Fixed other lock screen problems
This shiny new lock screen keeps the Canonical security team busy. The lock bypass issue is not the only vulnerability found. Just a few days ago, due to the release of Ubuntu 14.04 LTS, another important security problem was fixed (in this case, it was fixed very quickly ), this vulnerability can force the computer to unlock by triggering any easily repeated crash on the locked screen. Another shortcut key-based vulnerability is being fixed.
Security
With the release of Ubuntu LTS, a popular version for many businesses, educational institutions, and enterprises, these problems may be bad news. However, if there is a problem, it all shows how quickly Canonical is dealing with and fixing the problem-it is very reassuring.
This also shows how smart the company was to prompt the current LTS user to upgrade to 14.04 LTS in December. The additional buffer time of these three months is provided to the super hero Hall of the ubuntu community and its developers for more time to detect and fix security problems such as the above.
If you are using Ubuntu 14.04 LTS, check and install updates frequently.
For more information about Ubuntu, see Ubuntu special page http://www.linuxidc.com/topicnews.aspx? Tid = 2
This article permanently updates the link address: Http://www.linuxidc.com/Linux/2014-05/101548.htm