News on XtraLinux

KB5085516: Emergency Update Fixes Microsoft Account Sign-In Broken by March Patch Tuesday

Mon, 23 Mar 2026 08:00:00 +0000

Summary: Microsoft released an emergency out-of-band update, KB5085516, on March 21, 2026, to fix a sign-in breakage introduced by the March Patch Tuesday cumulative update KB5079473. The bug caused Microsoft account sign-ins to fail across Teams, OneDrive, Edge, Excel, Word, and Microsoft 365 Copilot — even on devices with a working internet connection.

What happened: After installing KB5079473 (released March 10, 2026 as part of Patch Tuesday), affected Windows 11 devices entered a broken network connectivity state that caused any Microsoft account authentication attempt to fail with the misleading error: “You’ll need the Internet for this. It doesn’t look like you’re connected to the Internet.”

Canonical Releases Ubuntu 24.04 Noble Numbat

Sat, 27 Apr 2024 18:44:55 +0200

Today Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat”, available to download and install from https://ubuntu.com/download.

Source ubuntu.com

Critical Crypto Bug Fixed in PuTTY

Sat, 27 Apr 2024 18:25:21 +0200

Title: Critical crypto bug fixed in PuTTY

Summary: Many versions of the PuTTY client have a subtle vulnerability that can allow an attacker to compromise some private keys and then forge signatures and log into any remote servers on which those keys are used.

Source duo.com

New Technique to Trick Developers Detected in an Open Source Supply Chain Attack

Mon, 15 Apr 2024 20:40:24 +0200

Title: New Technique to Trick Developers Detected in an Open Source Supply Chain Attack

Summary: In a recent attack campaign, cybercriminals were discovered cleverly manipulating GitHub’s search functionality, and using meticulously crafted repositories to distribute malware.

Source at checkmarx.com

Ubuntu 24.10 and Debian 13 Trixie to Feature New CLI

Sun, 14 Apr 2024 17:02:02 +0200

Title: Ubuntu 24.10 and Debian Trixie Are Getting a Refined APT Command-Line Interface

Summary: The APT 3.0 package manager is getting a completely revamped UI with columnar display, support for colors, and much more.

Source

CVE-2024-3094: Critical RCE Vulnerability in XZ Utils

Thu, 11 Apr 2024 22:36:07 +0200

Title: CVE-2024-3094: Critical RCE Vulnerability Found in XZ Utils

Summary: A critical supply chain compromise, CVE-2024-3094, has been detected in XZ Utils Data compression library versions 5.6.0 and 5.6.1. This vulnerability may lead to Remote Code Execution (RCE) via SSH authentication in specific versions of certain Linux distributions.

Source

Vulnerability Management: Beyond Patching

Thu, 11 Apr 2024 22:24:25 +0200

Title: Vulnerability Management: Beyond Patching - A Shift in Cybersecurity Focus

Summary: An intriguing article explores the evolving landscape of vulnerability management, delving deeper than mere patching. Drawing from incidents like the Large Hadron Collider’s weasel-induced shutdown, it discusses how modern threats like ransomware demand a more holistic approach to cybersecurity. Highlighting compliance updates and the NIST framework, it underscores the importance of proactive strategies. Key points include the distinction between vulnerability and software vulnerability, the NIST cybersecurity framework’s core functions, and recent compliance changes in standards like PCI DSS and ISO 27001/27002. The article also emphasizes the necessity of educating users and the role of Zero Trust architecture in bolstering security.