Software giant Microsoft today (Saturday) released a notice asking users of the game in their Java version to urgently update their version, following a significant weakness discovered in the popular game software Minecraft, which may have implications for additional services around the online world.
Following this, the cyber array issued a stern warning about the breach.
This is a vulnerability that, according to the cyber system, received a maximum score of 10.0, ie it is a significant vulnerability and therefore "the vulnerability can be exploited remotely and the servers most prone to exploit this vulnerability are servers accessible from the Internet. The vulnerability can also be realized as a worm.
In fact, it is a loophole that allows computers to be remotely controlled, including the installation of various malware.
The hardware vulnerability stems from the fact that even if your computer is supposed to be protected from it, if the game's server to which you are connected is out of date, you are vulnerable to attack.
Microsoft Minecraft Game - Serious Security Vulnerability (Archive), Photo: AP
It should be noted that although the popular game Minecraft has 141 million active users on the network, it may be a much greater weakness that could affect other software-related servers such as Apple, Microsoft, NetApp, Tesla, Twitter and Cloudflare.
David Warszewski, VP of Enterprise Security at Sygnia, which provides cyber-attack consulting and response services for governments and global organizations, said: We are already seeing crypto miners exploiting the hack and the next step will probably be attacks by ransomware groups that will exploit the vulnerability to infiltrate organizations. The vulnerable software is everywhere - iCloud and Twitter servers, enterprise IT and security solutions as well as CCTV cameras and printers - the vulnerable package exists in thousands of Java applications ".
"One can only begin to speculate what intelligence agencies will do with it. The vulnerability allows attackers to infiltrate enterprise networks and cloud platforms, as well as leak sensitive information from websites and products. "In turn may lead to full control of the attacker in the environment. Since many technology and security companies themselves are vulnerable to this, we expect to see massive intrusion into companies and security entities with more advanced cyber defense capabilities as well."
If you are afraid that you have been exposed to a loophole, follow the instructions of the cyber system >>
Were we wrong?
Fixed!
If you found an error in the article, we'll be happy for you to share it with us