“Ruby on Rails” server exploit

You’re probably asking yourself “Why is XVU telling me about something that happens on a server? I’m not a techie, I don’t run a server, why do I care?” Well, some server exploits are bad enough that they even threaten you as a user of the web. Lemme ‘splain.

Ars Technica reported an “Extremely critical” bug that “threatens more than 200,000 sites”. 200,000 sounds like a big number, but in the grand scheme of the internet, it’s not that many. However, look at some of the sites that are in that list:

http://www.twitter.com/
http://www.yellowpages.com/
http://www.whitepages.com/
http://www.hulu.com/
http://www.groupon.com/
http://www.scribd.com/
http://www.lumosity.com/
http://www.urbandictionary.com/

and, well, 200,000 more like that.

“Ok, so it attacked a bunch of sites I go to every day. How does that affect ME?!” Well, I’m glad you asked. According to this post, “An attacker can execute any ruby code he wants including system(“unix command”).” This means that if a site was exploited, the attacker could infect you when you simply browse that site, perhaps by planting the new Java 0-day exploit on the site and using it to install a keylogger on your computer.

If you have visited any of the above sites, please be sure to run a thorough virus scan, and be sure to use your XVU Drive to access secure sites until we’re all sure this is thoroughly patched.