The launch has been designed to correct a critical vulnerability
Ubuntu has just announced an unscheduled
launch: updating its version 16.04 LTS, for its server and desktop products.
According to network
security specialists from the International Institute of Cyber Security,
the Ubuntu 16.04.6 version has been developed as an update patch to correct a
critical vulnerability found in the popular Debian-based operating system.
The reported vulnerability would have allowed
malicious hackers to deceive the Advavced Packaging Tool (APT) of operating
systems to install specially designed packages. According to Max Justicz,
network security expert responsible for reporting the vulnerability, hundreds
of parameters have been handled inappropriately by the APT. This could have
allowed attackers to install altered packets during a Man-in-the-Middle
(MiTM) attack.
One way to mitigate the risk of exploitation is
to update the operating system to the latest patched version, which includes
new security features for vulnerabilities considered critical, and has tried to
maintain compatibility with Ubuntu 16.04.
In the update report, Ubuntu mentions that “unlike
previous releases, 16.04.6 is an update designed for security. Its main purpose
is to provide adequate means of installation to protect the following
installations from newly discovered vulnerabilities”.
The Ubuntu 16.04.6 packages affected by this
vulnerability could behave unexpectedly. According to experts in network
security, the update ensures that new installations are not vulnerable to this
error, so the user will remain protected.
Ubuntu 16.04 is not the only version affected
by this critical vulnerability. Versions 18.10, 18.04 and 14.04 LTS are also
impacted by this modification of packages made by malicious hackers.
