Dangerous vulnerability discovered within Git source code

Potentially dangerous flaws within Git have been discovered that could lead to arbitrary code execution when a user operates in a malicious repository. Full Story Here: https://www.bleepingcomputer.com/news/security/malicious-git-repository-can-lead-to-code-execution-on-remote-systems/


Commenting on the news is Martin Jartelius, CSO at Outpost24:


This issue is similar to the one reported by an Outpost24 security researcher in October 2017 concerning Golang's go-get (https://github.com/golang/go/issues/22125, assigned CVE-2017-15041).


There is always a risk when using external repositories. By doing so you are including the code of unknown individuals in the source of your own software, without knowing what's in the code and where it comes from. It is hard to protect against incidents like this as most developers reuse the work of others, and it is largely a question of training and awareness. It's already a legal challenge to keep track of licenses and intellectual property rights.

Overall, to protect your organization against remote code execution on employees' PCs you need to run processes as a local administrator as well as prevent execution from the temporary folder and temporary internet files folder. The use of the Enhanced Mitigation Experience Toolkit (EMET) from Microsoft would further reduce the risk.

But in short, this vulnerability is serious. Users must take caution and use trusted sources only. Organizations must understand the risks associated with embedding external, unknown actors' code into their internal development, and make the tough decision on whether this is worthwhile for their business; it's all down to risk acceptance.