Software Bugs Monthly Digest – May 2021

by Yulia Lomanova | June 2, 2021 11:11 am

Almost half a year has passed – and here we are. More bugs, cyberattacks, and user headaches continue to occur as the value of QA arises. Finally, the world has learned its lesson: quality practices are being integrated into every stage of the lifecycle – and become part of everyone’s mindset.

Nonetheless, despite the long road ahead, let’s get one step closer to developing high-quality software[1] we can all rely on – by considering the following examples.

Without further ado, here is the latest QA buzz of May.

Issues in the new Windows 10 update discovered minutes after release

Windows 10 update bugs

The new Windows update started rolling out on April 14 and immediately caused a wide range of issues, including buggy frame rates, graphical stuttering, and
the blue screen of death.

The issues do not seem limited to specific hardware, as users with both NVIDIA and AMD have been affected.

What’s more, the updates also cause nightmares for gamers. They report unstable FPS, random stutter, and VSync that seems broken sometimes. Most users affected by these problems were running games full screen or borderless windowed modes and using several monitors.

As Microsoft has already recognized the issues, an official fix is currently being worked on to patch them out.

Tesla car hacked using drone

Tesla security bug

A group of security researchers managed to hack a Tesla car using an exploit delivered with a drone.

Their attacks targeted a component called ConnMan, used to manage network connections and accessible over Wi-Fi. Two flaws in ConnMan allowed running commands on the infotainment system on the Tesla.

The benevolent hackers stated that they could have done much worse by writing code to Tesla’s infotainment tech. The exploit allows creating new Wi-Fi firmware in the Tesla and turning it into an access point to control other Tesla cars that come into proximity.

The most alarming thing about this story is that the vulnerable ConnMan component is used in other cars as well. Tesla has already released a patch for the hack. However, it is unclear whether all car manufacturers have implemented the patched code.

Toshiba unit hacked by DarkSide

Toshiba security bug

Toshiba Tec Corp, which sells self-checkout technology and point-of-sale systems to retailers, was hacked by the DarkSide ransomware group. The representative confirmed that the Japanese company refused to pay a ransom demanded by hackers.

According to Toshiba Tec, a “minimal” amount of data was stolen. No leaks have been detected so far, and protective measures were put in place after the cyberattack.

However, the screenshots of DarkSide’s post attest that more than 740 gigabytes of data were compromised, including passports and other personal information.

The cyberattack on a major US pipeline exposed the remarkable vulnerability of a key American infrastructure

Colonial Pipeline security vulnerability

Colonial Pipeline, a major US supplier of gasoline, diesel, and jet fuel, has temporarily halted all pipeline operations after a cyberattack.

The firm immediately brought in a cybersecurity firm to launch an investigation and contacted law enforcement.

This attack exposed the remarkable vulnerability of a crucial US infrastructure as hackers intensified their attacks on electric grids and pipelines.

The F.B.I., concerned that the ransomware effort could spread, issued an emergency alert to electric utilities, gas suppliers, and other pipeline operators to be on the lookout for code like the kind that locked up Colonial Pipelines.

University of California data breach: Sensitive information of staff and students leaked

UC data breach

The University of California has reported a data breach affecting staff and students after malicious actors gained unauthorized access via third-party service Accellion file transfer appliance.

Impacted information included full names, addresses, telephone numbers, passport information, bank account numbers, health information, as well as other personal information.

After the cyberattack, UC stopped using Accellion FTA and is transitioning to a “more secure solution”.

QA and software testing[2]

Learn more from QATestLab

Related Posts:

Endnotes:
  1. high-quality software: https://qatestlab.com/
  2. [Image]: https://qatestlab.com/services/?utm_source=Blog&utm_medium=Post&utm_campaign=services

Source URL: https://blog.qatestlab.com/2021/06/02/software-bugs-digest-may-2021/