Hackers can elevate privileges by hacking into popular text editors


By Pierluigi Paganini

Emacs text editors

Following recent string of attacks that exploit flawed plugins, researchers at SafeBreach examined 6 popular extensible text editors for unix systems.

Most of the modern text editors allow users to extend their functionalities by using third-party plugins, in this way they are enlarging their attack surface.

Third-party plugins could be affected by vulnerabilities that could be exploited by hackers to target our systems.

The situation is particularly severe in case the flaw affects a plugin for popular software such as WordPress or Windows’ extensions for Chrome, Firefox or Photoshop.

Dor Azouri, a researcher at SafeBreach, has analyzed several popular extensible text editors for both Unix and Linux …read more

Via:: Security Affiars