Grub Vulnerability : You can Hack into a Linux PC/laptop just by pressing ‘Backspace’ 28 times
Most of us swear by Linux as a super secure operating system but two security researchers from Spain have discovered a unique vulnerability in Linux which could give even a noob access to a Linux powered PC.
Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a “Grub rescue shell” under Grub2 versions 1.98 to version 2.02.
This rescue shell allows unauthenticated access to a computer and the ability to load another environment.
From this shell, any potential attacker could gain access to all the data on a Linux computer, and can misuse it to steal or delete all the data, or install persistent malware or rootkit, according to researchers Ismael Ripoll and Hector Marco, who published their research on Tuesday.
According to Ripoll and Marco, the Grub vulnerability affects Linux systems from December 2009 to the present date. They have stated that even some older Linux PCs may be affected by this bug.
The good news is the researchers have made an emergency patch to fix the Grub2 vulnerability. So if you are a Linux user and worried your system might be vulnerable, you can apply this emergency patch, available here.
Meanwhile, many major distributions, including Ubuntu, Red Hat, and Debian have also released emergency patches to fix the issue.