在线英语听力室

VOA慢速英语2021--科技公司竞相修复有风险的互联网软件

时间:2021-12-18 23:53:28

搜索关注在线英语听力室公众号:tingroom,领取免费英语资料大礼包。

(单词翻译)

Tech Companies Racing1 to Fix At-Risk Internet Software

Computer security experts around the world are trying to fix one of the worst software weaknesses found in years.

The vulnerability is in an open-source program widely used by government and industry. It has become a major threat to organizations around the world.

"The internet's on fire right now," said Adam Meyers. He is the vice2 president at the cybersecurity company Crowdstrike.

The problem is found in an open-source Apache utility called log4j. It is used to run websites and other web services. The vulnerability is known as "Log4Shell."

The software problem's severity was rated 10 on a scale from one to 10 by the Apache Software Foundation, which oversees3 development of the software.

The vulnerability was reported on November 24 by the Chinese technology company Alibaba. It took two weeks to develop a patch.

Last week, Meyers said that within 12 hours of discovering the problem it had been "fully4 weaponized." He said criminals have already developed and distributed tools to exploit it.

Experts say the bug5, another word for a software problem, may be the worst computer weakness discovered in years. The Apache software is used in almost all cloud computing6 servers, across industry and government.

Unless it is fixed7, the bug gives criminals the ability to easily access internal networks. There, they could steal important data, put malware in place, and do much more damage.

Joe Sullivan is the head of security for Cloudflare, a company that protects websites from security threats.

"I'd be hard-pressed to think of a company that's not at risk," he said. Millions of servers have the software, and experts said the impact would not be known for several days.

Amit Yoran is the head the cybersecurity company Tenable. He called it "the single biggest, most critical vulnerability of the last decade," and maybe the history of modern computing.

Experts said the vulnerability makes it easy for an attacker to access a web server, and makes it very dangerous. There is no password required to access a server.

Patching the bug could be a difficult job. Most organizations and cloud providers like Amazon should be able to update their web servers easily. But the same Apache software is also used by many third-party programs, which often can only be updated by their owners.

Yoran, of Tenable, said organizations need to act as if they have been affected8 and fix the problem.

The first clear signs of the bug's exploitation appeared in Minecraft, an online game popular with children. Attackers were able to take over one of the world-building game's servers before Microsoft, which owns Minecraft, patched the problem.

Microsoft said it had completed a software update for Minecraft users. "Customers who apply the fix are protected," the company said.

Researchers say the vulnerability could also be exploited in servers run by companies like Apple, Amazon, Twitter and Cloudflare.

Words in This Story

vulnerability — n. something open to attack, harm, or damage

utility — n. a computer program that does a specific task

patch — n. a program that corrects or updates an existing program

exploit — v. to use in a way that helps you unfairly

malware — n. a computer program that is designed to damage or break into a computer


分享到:


点击收听单词发音收听单词发音  

1 racing 1ksz3w     
n.竞赛,赛马;adj.竞赛用的,赛马用的
参考例句:
  • I was watching the racing on television last night.昨晚我在电视上看赛马。
  • The two racing drivers fenced for a chance to gain the lead.两个赛车手伺机竞相领先。
2 vice NU0zQ     
n.坏事;恶习;[pl.]台钳,老虎钳;adj.副的
参考例句:
  • He guarded himself against vice.他避免染上坏习惯。
  • They are sunk in the depth of vice.他们堕入了罪恶的深渊。
3 oversees 4607550c43b2b83434e5e72ac137def4     
v.监督,监视( oversee的第三人称单数 )
参考例句:
  • She oversees both the research and the manufacturing departments. 她既监督研究部门又监督生产部门。 来自《简明英汉词典》
  • The Department of Education oversees the federal programs dealing with education. 教育部监管处理教育的联邦程序。 来自互联网
4 fully Gfuzd     
adv.完全地,全部地,彻底地;充分地
参考例句:
  • The doctor asked me to breathe in,then to breathe out fully.医生让我先吸气,然后全部呼出。
  • They soon became fully integrated into the local community.他们很快就完全融入了当地人的圈子。
5 bug 5skzf     
n.虫子;故障;窃听器;vt.纠缠;装窃听器
参考例句:
  • There is a bug in the system.系统出了故障。
  • The bird caught a bug on the fly.那鸟在飞行中捉住了一只昆虫。
6 computing tvBzxs     
n.计算
参考例句:
  • to work in computing 从事信息处理
  • Back in the dark ages of computing, in about 1980, they started a software company. 早在计算机尚未普及的时代(约1980年),他们就创办了软件公司。
7 fixed JsKzzj     
adj.固定的,不变的,准备好的;(计算机)固定的
参考例句:
  • Have you two fixed on a date for the wedding yet?你们俩选定婚期了吗?
  • Once the aim is fixed,we should not change it arbitrarily.目标一旦确定,我们就不应该随意改变。
8 affected TzUzg0     
adj.不自然的,假装的
参考例句:
  • She showed an affected interest in our subject.她假装对我们的课题感到兴趣。
  • His manners are affected.他的态度不自然。

本文本内容来源于互联网抓取和网友提交,仅供参考,部分栏目没有内容,如果您有更合适的内容,欢迎 点击提交 分享给大家。