Avatar von DasMeinungsbild
  • DasMeinungsbild

mehr als 1000 Beiträge seit 20.08.2011

heise Security verbreitet Panik...

Ein Patch ist längst unterwegs und die Lücke setzt schon Eigenleistung des Nutzers voraus...

Wenn ich eine Datei öffne die mir ein fremder schickt, dann muss ich schon echt blöd sein...

Hier was der Chef dazu meint:

"Durov's Channel, [13.02.18 15:41]
The Kaspersky antivirus company claimed today they found a “0-day vulnerability on Telegram for Windows”, which affected “1000 users before it was fixed”.

As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:

Durov's Channel, [13.02.18 15:41]
[Weitergeleitet aus Telegram Geeks]
▶️ Our two cents:

Well, this is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a malicius file.

This kind of vulnerability is based on social engineering (https://www.webroot.com/us/en/home/resources/tips/online-shopping-banking/secure-what-is-social-engineering).

In fact, it was a .js file hidden on a a .png file, this happened thanks to RTL characters (https://en.wikipedia.org/wiki/Right-to-left_mark).

Windows users must click on the Run dialog in order to install the malware.

So don't worry, unless you opened a malicius file, you have always been safe.

ℹ️ @geeksChannel

Das Posting wurde vom Benutzer editiert (13.02.2018 19:41).

Bewerten
- +
Anzeige