Apps based on Electron framework are vulnerable to attack

Full Article :

BetaNews - https://betanews.com/2018/05/14/electron-framework-vulnerability/

The Electron framework — the basis of popular apps including Skype, Slack, Signal and WordPress — has been found to contain a security flaw that leaves it vulnerable to attack. The GitHub-created tool has a vulnerability that allows hackers to execute arbitrary code on remote systems. CVE-2018-1000136 affects Electron 1.7.13 and older as well as Electron 1.8.4 and 2.0.0-beta.3, and the problem exists because of the interaction between Electron and Node.js. See also: Google will require OEMs to provide regular Android security updates Amazon now offers a smart home security installation service Google’s Project Zero reveals security flaw in Windows…

Leave a Comment

%d bloggers like this: