Important – GHOST vulnerability update

Last night a security vulnerability was discovered that affects Linux distributions. The vulnerability allows hackers to potentially execute code and gain control of the linux hardware. It has been names GHOST and is a critical glibc library vulnerability.

Upon following the discovery, our security engineers began implementing the official patch for all our Linux shared web hosting servers and we are pleased to confirm that this has now been completed.

Please note that this is a general Linux security issue, not a Ansford Internet one. Therefore, if you have Linux hosting with any other providers anywhere in the world, we strongly recommend you find out if they have taken action to secure their servers or if you need to take action in order to be protected against GHOST.

If you’re interested in finding out more about GHOST, check out Linux hit by critical security hole.

How does Ghost affect you?

Shared & Premium Web Hosting

If you have a starter, home, business or unlimited hosting with us, you are not required to take any action. All these web servers have been patched and secured accordingly to protect them by our system administration team. We are closely monitoring for industry updates and if there are any further fixes that are required we will implement them as quickly as possible.

VPS, Hybrid & Dedicated Servers

If you  have an unmanaged server (this includes all Virtual Private Servers, Hybrid Servers, and Dedicated Servers running any flavour of Linux), you will need to check to see if it is vulnerable to GHOST, and then implement the official patch if needed. We strongly recommend you do this as soon as possible.

To do this:

1. Test to see if your server is vulnerable by running the following command.

http://mirrors.uk.heg.com/ghost/ghost-checker
chmod +x ghost-checker
./ghost-checker

2. If this returns “segmentation fault”, your server is vulnerable and will need to be patched as follows:

If you’re running Ubuntu:

sudo apt-get update; apt-get install --only-upgrade glibc*

If you’re running CentOS:

sudo yum clean all; sudo yum update glibc

3. Reboot your server to complete the install. This is essential in order to ensure you are no longer running vulnerable processes and files.

 

 

Header Image Credit

Recommended Posts