«

»

Apps based on Electron framework are vulnerable to attack

Share this...Share on Google+Share on LinkedInTweet about this on TwitterShare on FacebookShare on RedditDigg thisEmail this to someone

The Electron framework — the basis of popular apps including Skype, Slack, Signal and WordPress — has been found to contain a security flaw that leaves it vulnerable to attack. The GitHub-created tool has a vulnerability that allows hackers to execute arbitrary code on remote systems. CVE-2018-1000136 affects Electron 1.7.13 and older as well as Electron 1.8.4 and 2.0.0-beta.3, and the problem exists because of the interaction between Electron and Node.js. See also: Google will require OEMs to provide regular Android security updates Amazon now offers a smart home security installation service Google’s Project Zero reveals security flaw in Windows… …Continue reading on BetaNews

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>