back to article Nginx nJS will need patches, hotels exposed via security systems, Docker containers dinged, and more

Here's a quick summary of news in the world of information security beyond everything we've already covered. Docker containers banished to the coin mines Last week was not a great week for the Docker security team, first with the revelation of a race condition flaw, then with a warning from Trend Micro of active attacks …

  1. Bronek Kozicki

    Helpful link

    For those wondering "Am I affected by this nginx bug?". You might be, if your nginx is running NGINX JavaScript Module. It is not built by default

  2. sitta_europea Silver badge

    "We find that security notifications alone have a moderate impact on remediation outcomes, similar to or less than notifications for other types of security vulnerabilities."

    Yup. That's about right.

    Try telling the DVLA. Or the Land Registry. Or Eon. Or Capita.

    Complete wate of time.

    1. Claverhouse

      There's always the possibility some people are instantly distrustful of anything coming from Google.

      Apart from the fact your and their empire-building interests do not always coincide, Beware of Greeks, etc..

  3. Claverhouse
    Linux

    The Day of the Penguin

    The Kremlin has long been planning to get itself off of Windows and onto its own FSB-approved version of Linux. That effort took a step forward this week when Astra Linux cleared a major security hurdle.

    The link to Defense One goes to a page entitled:

    Russia’s Would-Be Windows Replacement Gets a Security Upgrade which is OK; yet the url itself includes: russias-microsoft-knockoff-gets-security-upgrade which personally makes me want to lob a mini-nuke to the publishers.

    They like their nukes there..

    .

    EDIT: Plus in the Sour Grapes vein there's some fairly demented dismissal of the Russian government being able to sell their Linux abroad; and various cheap shots about Russian software being dangerous. Especially for Windows.

    Malware purposed for the Windows platform is rootless and cosmopolitan.

  4. RLWatkins

    "Nginx nJS" needs a patch.

    Really? Nginx nJS needs patching? I know just the person to help out, good old Shrdlu etaioN. He's a colleague of the widely-respected Montuewed Thufrisat. Everyone knows Shrdlu, been in the business for ages.

    I realize that this is nothing more than an outburst of sarcasm, but I have watched my beloved profession, which used to use real words and plain language, descend into the tar-pit of novelty-naming. "No! They have an edgier name than we do! Make something up that's all consonants. Yeah, that's the ticket."

    [sigh]

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like