Another reminder that security tools need patching, too.
Yubico has patched a Windows DLL search path flaw affecting YubiKey Manager, libfido2, and python-fido2. If an attacker can place files in the Installation directory, the affected software could load malicious code.
Patched versions are:
YubiKey Manager 5.9.1
libfido2 1.17.0
python-fido2 2.2.0
This is not a reason to panic, but it is a very good reason to update.
Are the tools you trust for security actually kept up to date?
https://www.heise.de/en/news/YubiKey-Manager-Security-vulnerability-allows-execution-of-injected-code-11262270.html
#YubiKey #CyberSecurity #Privacy #InfoSec #DigitalSecurity
Yubico has patched a Windows DLL search path flaw affecting YubiKey Manager, libfido2, and python-fido2. If an attacker can place files in the Installation directory, the affected software could load malicious code.
Patched versions are:
YubiKey Manager 5.9.1
libfido2 1.17.0
python-fido2 2.2.0
This is not a reason to panic, but it is a very good reason to update.
Are the tools you trust for security actually kept up to date?
https://www.heise.de/en/news/YubiKey-Manager-Security-vulnerability-allows-execution-of-injected-code-11262270.html
#YubiKey #CyberSecurity #Privacy #InfoSec #DigitalSecurity