Reply to post: Re: Linux as a target? But is this really the case?

Monero-mining botnet targets Windows, Linux web servers

ComputerSays_noAbsolutelyNo Silver badge

Re: Linux as a target? But is this really the case?

While I agree with you, I think the distinction should be made.

"You do not get any viruses on X" can only be true if you only use the on-board tools of X, but first of all even X can have vulnerabilities; and second, who doesn't use third-party software?

If a virus exploits some weakness of the underlying OS, then we can and should specify the OS as a target.

But, if the vulnerability is purely on the side of the app or framework, then the underlying OS isn't relevant.

In this case it doesn't matter whether the app/framework is only available on one OS or is cross-platform.

If I have understood the Log4Shell vuln correctly, no vulnerability of the underlying OS is necessary to exploit Log4Shell, hence this is framework-weakness.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022