LabVIEW vulnerability allows hackers to attack your computer
If you need to use LabVIEW software to design machines or industrial devices, you should be alert when opening any VI file (virtual instrument).
LabVIEW is developed by the US company - National Instruments - is a visual programming language and a powerful system design tool used worldwide in hundreds of areas. In addition, it provides engineers with a simple environment to build measurement or control systems.
Recently, Cisco Talos Security Intelligence security researchers have discovered a serious flaw in this LabVIEW software. This vulnerability allows an attacker to execute malicious code on the destination computer and control the entire system.
- How to protect high-risk network ports?
- EternalRocks - more dangerous malicious code than WannaCry exploits up to seven NSA vulnerabilities
Defined as CVE-2017-2779, this executable code vulnerability can be activated by opening a special VI file - a file format that LabVIEW uses. This vulnerability stems from memory errors in the RSRC segment parsing function of LabVIEW.
Talos researchers explained that: A specially created LabVIEW VI file (with * .vi extension) can help an attacker control loop status and write nulls at will .
Researchers have also successfully tested the vulnerability in LabVIEW 2016 version 16.0 but National Instruments does not recognize this as a flaw and does not release a patch for this vulnerability.
Because there is no patch available, LabVIEW users have only one option to be careful when opening any VI file received via email.
You should read it
- How to Become a Musician
- Top best virtual RAM creation software on today's computer
- Detected a serious zero-day vulnerability in Microsoft Office, click the document file and it will stick
- VMware patches RCE Spring4Shell vulnerability on a wide range of products
- Warning: The risk of pneumonia from mold in the trumpet instrument
- How to create a virtual drive (Virtual Hard Disk) on Windows 10 without installing any additional software
- Facebook vulnerabilities allow users to receive millions of virtual likes
- VirtualBox and VMware: Which virtual machine software is better?
May be interested
- Hide malicious code in Windows logs file to attack computers, new ways of attack by hackershackers are constantly inventing new ways to attack corporate and user computer systems.
- In turn, Microsoft admitted being hacked because of the SolarWinds vulnerabilitymicrosoft has admitted that they were attacked by hackers through a vulnerability of solarwinds' software update system. however, the software giant denied that hackers used their software to infect users as well as customers.
- ZIP bomb can protect websites from hackerswebsite owners can now use a tool called zip bomb to damage the port scanner, hacker website vulnerability and prevent him from accessing his website.
- Windows 10 vulnerability from Cortana helps hackers open unauthorized malicious websites and how to fix themby default, cortana will always listen to users' requests, even if the lock screen on windows 10, this is the hole that gives hackers the opportunity to manipulate the device and install malicious code. in computer.
- Filipino hackers attack the Vietnamese web, retaliating that many users' Facebook accounts are 'hacked' by Vietnamese peoplethere is a cyber attack campaign targeting websites of vietnamese individuals and organizations launched by filipino hackers to retaliate against many 'hacked' filipino accounts by vietnamese people.
- New vulnerability on MediaTek chip makes 30% of Android smartphones can be eavesdroppedmediatek has just had to immediately release patches for vulnerabilities that allow hackers to eavesdrop on android users' calls. even hackers can exploit the vulnerability to run commands or privilege escalation attacks.
- Detecting APT attack campaign on important national infrastructure on Tet holidaythe main purpose of hackers is to gain user control, then through it to attack internal computer systems to steal important information.
- What to do to protect the device from ZombieLoad attack?recently a new vulnerability was found on intel processor chip called zombieload that made users worried. if you are looking for ways to protect your device, then you are in the right place.
- Hackers publish Windows attack codemicrosoft on october 28 has advised its customers that the vulnerabilities that attack the windows operating system are released by hackers.
- Hackers can use Ransomware to attack and control robotsioactive, an american security consulting firm, recently launched an attack to prove that hackers can not only use ransomware to attack computers to make ransom, but also attack complex robot systems. are being used in many areas.