A vulnerability of this magnitude has the potential to be damaging to the entire online ecosystem. Patches are available for most distributions and server administrators should install them as soon as possible.
Chicago, IL (PRWEB) February 23, 2016
WiredTree, a leading provider of managed virtual private server and dedicated server hosting, has strongly advised hosting users and other users of the Linux operating system to update their servers as soon as possible. The advice is a response to the recent discovery of a critical remote code execution vulnerability — reported by Ars Technica (Feb 16, 2016) — in a key component of the operating system.
Patches that mitigate the risk have been released by Linux distribution developers, including both Red Hat and CentOS, the most popular distributions for web hosting platforms.
The vulnerability is present in a widely used function in the GNU C Library, which is part of almost all Linux distributions, and is used by software ranging from system utilities to services that include web servers. The affected function is used by many thousands of applications.
“At WiredTree, we've had a busy week patching the servers of our managed hosting platform — a service we offer to all of our managed hosting clients,” said Zac Cogswell, President of WiredTree, “However, although our clients are safe, we want to publicize this vulnerability as widely as possibly. A vulnerability of this magnitude has the potential to be damaging to the entire online ecosystem. Patches are available for most distributions and server administrators should install them as soon as possible.”
The vulnerability is so serious because it occurs in one of the most widely used components of the GNU C Library in a function that handles DNS resolution. This function is used in a staggering number of Linux applications on millions of servers around the world. Although there is no evidence that the vulnerability has been actively exploited by online criminals, there's no doubt that in the wake of the vulnerability disclosure, criminals are working to turn it to their advantage.
WiredTree specializes in delivering managed hosting experience that places the client in complete command; covering virtual, hybrid, and dedicated web hosting. As champions of customer care, it's no wonder that more than 5,000 clients enjoy WiredTree's free hardware level-ups and a <15 minute average ticket response time. All of this is built on top of only the highest-performing technologies, including LiteSpeed web server, MariaDB, memcached, SSD-driven hardware, and an in-house management system called Grove. To learn more about what WiredTree can do for your site, visit http://www.wiredtree.com.