Follow

There is a vulnerability in the Plasma desktop that KDE developers are currently working to patch. The details are here.

zdnet.com/article/unpatched-kd

For the moment avoid downloading .desktop or .directory files and extracting archives from untrusted sources.

Also, if you discover a similar vulnerability, it is best to send an email security@kde.org before making it public. This will give us time to patch it and keep users safe before the bad guys try to exploit it.

.@kde@mastodon.technology Downloads of .desktop files should in general be treated about as suspiciously as .lnk files on Windows.

@kde
"Researcher did not notify KDE team" What a shit and what a strange excuse.
But please, make KDE safer and stay that way, because I really like it.

@kde sucks Penner just wanted props before defcon. I hope its not too much hassle for you.

Sign in to participate in the conversation
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!