Last night a security vulnerability was discovered that affects Linux distributions, allowing hackers to potentially execute code to gain control of hardware. It has been named GHOST (CVE-2015-0235) and is a critical glibc vulnerability.

Immediately following the discovery, our security engineers began actioning the official patch for all our Linux shared web hosting servers, and this has now been completed.

---

Shared & Premium Web Hosting

If you have Starter Pro, Home Pro, Business Pro, Reseller Pro or Premium Web Hosting with us, you don’t need to take any action. All these web servers have been patched and secured accordingly by our system administration team, and we are closely monitoring industry updates so that if any further fixes are needed we can implement them as quickly as possible.

---

VPS, Hybrid & Dedicated Servers

If you – or your customers – have an unmanaged server (this includes all Virtual Private Servers, Hybrid Servers, and Dedicated Servers running any flavour of Linux), you will need to check to see if it is vulnerable to GHOST, and then implement the official patch if needed. We strongly recommend you do this as soon as possible.

If you’re running Ubuntu: 

sudo apt-get update; sudo apt-get install --only-upgrade glibc*

If you’re running CentOS:

sudo yum clean all; sudo yum update glibc

 

3. Reboot your server to complete the install. This is essential in order to ensure you are no longer running vulnerable processes and files.

---

Please note that this is a general Linux security issue, not a Heart Internet one. Therefore, if you have Linux hosting with any other providers anywhere in the world, we strongly recommend you find out if they have taken action to secure their servers or if you need to take action in order to be protected against GHOST.

(Header image credit)