Debian, Gnome Patched 'Bad Taste' VBScript-Injection Vulnerabilities

Slashdot reader KiloByte warned us about new exploit for .MSI files named "bad taste". Neowin reports: A now-patched vulnerability in the "GNOME Files" file manager was recently discovered which allowed hackers to create dodgy MSI files which would run malicious VBScript code on Linux... Once Nils Dagsson Moskopp discovered the bug, he reported it to the Debian Project which fixed it very rapidly. The GNOME Project also patched the gnome-exe-thumbnailer file which is responsible for parsing MSI and EXE files inside the GNOME Files app... If you run a Linux distribution with the GNOME desktop it's advisable to run the update manager and check for updates as soon as possible before you become affected by this critical vulnerability.

Re:Linux is nothing but a disappointment these day

Linux of that era was robust and trustworthy.

It wasn't, you just believed that it was.

Grab a fresh install of that vintage, and the NSA and every script kiddie from here to eastern Europe will have three dozen working exploits for it.

Linux at the time was a VERY unimportant target. It wasn't established in the server space yet, and it was all but zero percent of the desktop. It wasn't worth bothering with.

Now that it is, if you use a Linux of that vintage it can be pwned with little more difficulty than Windows 95.

Any OS requires constant security updates to stay in the game.

This vulnerability is inexcusable.

This was a VBScript exploit affecting GNOME and Linux in 2017. Think that through. Let it sink in.

Just because it may have been fixed doesn't make this incident acceptable.

It never should have happened in the first place!

Everything about this incident is wrong, and extremely shameful.

It is an indication of just how rotten the Linux and GNOME development communities have gotten lately.