The Linux-based OS Ubuntu is known for its simplicity and security. It’s free, highly customizable and comes in lots of flavors. Yesterday, Ubuntu released an unscheduled update of its 16.04 LTS version to fix a major vulnerability.
The update was developed for all its desktop and server products. According to researcher Max Justicz, the bug in the OS allowed attackers to play with the Advanced Packaging Tool (APT) and install infected packages. He also said that the APT was unable to handle certain parameters during redirects.
The Bug Made Ubuntu Vulnerable to MITM
The flaw was so severe in its nature that if a Man-in-the-middle (MITM) attack happened, attackers could install modified packages to breach the security of OS. This may result in packages behaving unexpectedly or performing some actions which they are not supposed to do.
The Ubuntu 16.04.6 version is actually a patch for this major flaw. The updated doesn’t only secure the operating system from this vulnerability but also ensure that new installs are no longer prone to the bug. After all, the popular OS Ubuntu can’t let their users compromise their security at any cost.
Lukasz Zemczak of Ubuntu said in its announcement, “Unlike previous point releases, 16.04.6 is a security-targeted release for the purpose of providing updated installation media which protects new installations from the recently discovered APT vulnerability (USN-3863-1).”
How to be Safe?
You are also advised to update the operating system with the latest patched version. This version also includes some other major security updates for possible flaws. The Ubuntu 16.04.6 has been released with a strong focus on maintaining stability and compatibility both.
Also, remember the Ubuntu 16.04 is not the only version affected by this critical bug. Other versions like 18.10, 18.04 and 14.04 LTS are also on the list and could be attacked via this APT vulnerability.