All PHP Applications are Vulnerable

Подписаться 626 тыс.

Просмотров 126 тыс.

50% 1

In this video I discuss a 24 year old bug in the GNU C Library (tracked as CVE-2024-2961) that can allow a threat actor to get remote code execution on virtually any PHP application that is running on a system with GlibC (pretty much every Linux Operating system and by extension most websites on the internet)
My merch is available at
based.win/
Subscribe to me on Odysee.com
odysee.com/@AlphaNerd:8
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF

Наука

Опубликовано:

1 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 725

@mmmmmmmmmmmmbeepbeepbeep Месяц назад

The good thing is TempleOS is still safe from all these CVEs.

@kennnnn Месяц назад

Common divine W

@bc-cu4on Месяц назад

As the Lord intended.

@ViaScientifica Месяц назад

The Lord Jesus Christ Antivirus 2000 has proven to be impenetrable.

@ProDCloud Месяц назад

Anyone can be safe if they unplug the ethernet cable.

@fatstupid9070 Месяц назад

after jesus turned water to wine, he turned software vulnerabilities into history 🙏

@ShatteredQvartz Месяц назад

At this point I'm just going to become Amish, that's the only way to be totally secure

@MentalOutlaw Месяц назад

Unfortunately there's also bugs on the farm that need patching. I have to build a roll away nesting box because my chickens discovered their own eggs are tasty

@thrillium8623 Месяц назад

@@MentalOutlaw This is so real dude

@user-ci1em7go2c Месяц назад

@@MentalOutlaw oof

@trumpetpunk42 Месяц назад

It actually worked out pretty well for C0V1D...

@ShakaFishing Месяц назад

@@MentalOutlaw The chicken wire patch has yet to secure against the fox no-clip exploit.

@Chief-VR Месяц назад

Born too late for PHP vulnerabilities, born too early for PHP vulnerabilities, born just in time for PHP vulnerabilities.

@Will-uv9kx Месяц назад

>this bug is triggered by international conversion system Personally I blame other countries for existing

@Smokkedandslammed Месяц назад

Yeah! Let's get em!

@walrider Месяц назад

China to be precise in this case

@werren894 Месяц назад

including monarchy?

@jessequartey Месяц назад

Shut up

@stavinaircaeruleum2275 Месяц назад

Same.

@kidnamedfinger.productions Месяц назад

April 30: Hardware RCE affecting every every single device connected to the internet.

@noodlez7101 Месяц назад

May 1st: IRL RCE that allows you to become God.

@bsodcat Месяц назад

Pov you are on TempleOS: 🗿

@kidnamedfinger.productions Месяц назад

@@noodlez7101Considering the first neuralink brain implant was installed successfully, there's not much time left until RCE that allows you to literally get a botnet of living people under control.

@Mitch-xo1rd Месяц назад

May 30, Elon musk discovers rce irl and paywalls the sun

@stevengill1736 Месяц назад

June 1st: the singularity begins, but no one notices because they're too busy watching monkey videos on Tik Tok....

@heroslippy6666 Месяц назад

Ayyy Perl still on the list! 0.1% we are still under the care of the old and wise monks.

@anon8510 Месяц назад

based perl enjoyer

@Wren1 Месяц назад

What's more surprising is that ColdFusion still exists. Like PHP, I guess they need scripting languages that even minimum wage, computer illiterate script kiddies can copy and paste spaghetti code for.

@hotrodjones74 Месяц назад

ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-0jK0ytvjv-E.htmlsi=n9BeRV1JsuCrxq0b

@hotrodjones74 Месяц назад

What happened in the 80s stayed in the 80s except for Perl.

@ddlc_monika Месяц назад

People like me use PERL I went into IT wanting a website with 15 so HTML/CSS first, later on I wanted dynamic stuff so PHP it was. Fast forward to my second job, JavaScript was still something you use precisely on websites and nowhere else, and Python was still a weird mess with shit syntax nobody trusted, I needed something to take one XML as input and shit out another one, never heard of XSLT or XPath, all I knew was PHP and Regex. PERL came in clutch, I learned enough of it in like 10 minutes and immediately it just werked for me. Never used it outside of that due to my current job not giving us sysadmin to install software but man, in my old job I even got props from the local actual programmers because most of them only did C# and were down the OOP Rabbit Hole to bad to be quickhacking little stuff. If you want to survive in the rapidly evolving tech landscape outside of FAGMAN you'll be surprised how much legacy shit you will inevitably find, how useful powerful text handling can be and how very much in demand older stuff still is, because all the systems in most bigger companies are a legacy crap festival. If you hate learning a new framework every week, go into finance, banking, aviation or traffic control.

@Remigrator Месяц назад

I code in PHP for 20 years now and I cannot remember a time when PHP was NOT vulnerable 🤣

@blb8738 Месяц назад

Hey. Does this vulnerability require the PHP code to explicitly convert from one charset to another? So if a website just expects user input to be in UTF8 , it's safe. Just don't use mb_convert_encoding function that's enough right?

@hthring Месяц назад

php for life bro

@marcogenovesi8570 Месяц назад

it's a feature not a bug. Job Security

@fuki98 Месяц назад

PHP Numero Uno

@SGresponse Месяц назад

If it's a common LAMP vulnerability, then I bet you there's gonna be a no-brain-to-use script to do the hack 1 day after the talk goes live and a crawler 3 hours afterwards scrounging for visibile servers that are not updated and it will find MILLIONS of servers to up-root and there might even be a botnet fight on the servers when one bot de-admins the other in a back-and-forth escalation.

@wereisaly Месяц назад

Im hyped

@rnts08 Месяц назад

The dead internet is real 😂

@nnnik3595 Месяц назад

Sure hope that updating all these package update I did on all our dockers and vms updated to the new glibc version.

@SquaresToOvals Месяц назад

War has become a series of proxy battles fought by AI

@ET_AYY_LMAO Месяц назад

Not at all, read the CVE. its a 4 byte overflow, when using iconv with a specific chinese encoding that is NEVER used in the west. Also why would the end user be in control of the encoding format for iconv? Realistically that would never happen, unless the site is a PHP sandbox.

@Hepad_ Месяц назад

Don't care, still using vulnerable software for my critical operations.

@carnivorebear6582 Месяц назад

Patches are for cowards

@vaisakhkm783 Месяц назад

🙃 let me check, give me your ip

@theblankuser Месяц назад

Hell yeah

@DonVigaDeFierro Месяц назад

You guys are silly, they're gonna be looking for SECURE data!

@SIMULATAN Месяц назад

No risk no fun

@K0sm Месяц назад

I love to wake up to an email of the french public administration warning me that they are too stupid to practice good opsec and now my social security number, name , email and so on are for sale.

@rusi6219 Месяц назад

I mean your president is a gay who "married" a man who molested him as a child so no wonder

@bosch5303 Месяц назад

I work in french medical sector and most of it relies on outdated and insecure technologies from around 2000s :)

@alainportant6412 Месяц назад

why didnt I get one

@charlesp.8555 Месяц назад

I clicked on the link in that email to "read the best practices to protect myself". You have to select which case applies to you but "absolute incompétence from the administration" isn't an option.

@fuki98 Месяц назад

Didn't this also happen to Guatemala or something? Scary

@charautreal Месяц назад

Can we not have big software vulnerabilities... for 5 damn minutes?!

@futuza Месяц назад

Gotta stop writing code then

@MissiFull Месяц назад

@stevengill1736 Месяц назад

Welcome to the singularity...

@AttacMage Месяц назад

I'll go add some unsafe eval() queries to my python code rq. just for you :)

@Necessarius Месяц назад

Welcome to our job; we all make code vulnerable. We just don't know when or with what language, but it could certainly be any of them.

@kazwalker764 Месяц назад

Alpine is commonly used in production, most shops using container based deployments that I've seen use it, most of those using k8s. It's also the default base image for Phoenix/Elixir apps.

@bloodonthesnow Месяц назад

can confirm - using it in containers on prod for years

@xanderplayz3446 Месяц назад

And the default base Docker image of Gitea instances.

@pcap8810 Месяц назад

I've been doing this for 4 or 5 years at least now

@Kabodanki Месяц назад

Except with solved DNS issues (ndots), alpine is very good. Widely used in production

@jwmcq Месяц назад

Alpine Linux is used in production a lot more than you'd think. You wouldn't run a server on it, but the small size makes it great for init / sidecar containers in a kubernetes workload, for instance.

@illsmackudown Месяц назад

How asinine and embarrassing 🤣

@vito2320 Месяц назад

You are born to deploy kubernetess clusters. Lol

@Deliverygirl Месяц назад

@@vito2320 It's the sysadmin equivalent of living in the pod and eating the bugs, you hate to see it.

@DanteS-119 Месяц назад

Awwww :/ alpine is great for this stuff lol

@schlickit628 2 дня назад

I don’t understand the negative responses to this. Less code means less surface area for vulnerabilities. It’s not just glibc, openrc and ash instead of systemd and bash. When you all set up a server do you need user services or array functionality in your shell, because I sure don’t.

@CGoody564 Месяц назад

Questioning the open-source model because bugs are actually being found is odd to me... That is the additional public scrutiny doing exactly what it's supposed to do. You know if these bugs weren't found, they'd still be there... You wanna find out the hard way, or do you wanna find out during "security month" as a part of a semi-collaborative effort to make shit better?

@MrFram Месяц назад

Even if you are to take FOSS CVEs as indicating a problem, we just had a windows issue like 2 weeks ago and instead of MS fixing it, the programming languages had to add workarounds to avoid triggering it, which tells you all you need to know

@Binxalot Месяц назад

seriously, this is the entire point of open source software and why it's so important for community involvement in software development. When it comes to Apple/MS your system gets hacked and you'll never know or know why.

@jesusmods1 Месяц назад

Is like that movie where a kid deciphers some kind of goverment code and instead of making a better encoding algorithm they try to kill the child haha

@a__duck Месяц назад

I am so glad I can't do anything about this!

@flamingspinach Месяц назад

The escape sequences you talk about around 4:09 are not for indicating that the computer should convert to this character set, it's actually that the character set is constructed out of multiple swappable sub-charsets (called "planes") and the escape sequences are used to indicate that at that point in the text, the encoding is jumping from the current plane to a different one. See the wikipedia article on "ISO/IEC_2022", subsection "Other 7-bit versions", for more info.

@alainportant6412 Месяц назад

nerd

@gibrains Месяц назад

What's good about it is that it's open source. When issues arise, we address them. It's completely open-something you can't rely on in proprietary modes. You don't even know if their software is vulnerable or not. Even when they update, you don't know what they're actually updating. #windows.

@nectronomeflower4895 Месяц назад

Windows isn’t actually vulnerable to this bug lmao

@luszczi Месяц назад

Blue teams everywhere having a really shitty month.

@rideroftheforce5245 Месяц назад

Red teams everywhere are about to have a field day

@alonsoACR 20 дней назад

@@rideroftheforce5245 what does this mean

@rideroftheforce5245 17 дней назад

@@alonsoACR I was just saying that red team pen testers are going to have a lot of successful attacks on their clients in the near future with this vulnerability

@rusi6219 Месяц назад

Boy oh boy if only the entire web was rewritten in rust am i right sisters?

@100c0c Месяц назад

😂

@Alexagrigorieff Месяц назад

With the runtime which calls this glibc function?

@QuantumKurator Месяц назад

Best functional backdrop I have seen on youtube

@ButtKickington Месяц назад

Oh boy, I thought for sure this would be a headache for me. Luckily our code is too spaghetti to handle multiple character sets.

@holetarget4925 Месяц назад

IMAGINE HOW MAY WP SITE HAD BEEN BACKDOORED INT HE LAST 24 YEARS

@MrCobalt Месяц назад

Trust me, WordPress sites didn't need this bug to be considered insecure. WordPress has consistently been a security nightmare.

@iiisaac1312 Месяц назад

They deserve it for using WP.

@SGresponse Месяц назад

Imagine how many will be after the talk. You can't expect them to UPDATE their servers? I mean that entails actually hiring a tech to do it! Expensive stuff.

@socialkruption Месяц назад

@@iiisaac1312 Wordpress bro here, I enjoy my lambo, don't mad.

@holetarget4925 Месяц назад

@@SGresponse 70% of the web is build on Php….this a total car crash

@bigmango202 Месяц назад

Can't wait until I get confirmation that my house has massive vulnerabilities and there's people living in my walla

Месяц назад

Rewrite Wordpress in Rust

@MentalOutlaw Месяц назад

Lol well that would save me from the difficult journey of rewriting my eCommerce site in Rust.

@kidnamedfinger.productions Месяц назад

@@MentalOutlaw We need to fork rust to make the compiler punch devs into the balls every time they make a mistake, so that way they won't code any bugs even when writing in other languages (they most likely won't code at all tho)

@spl45hz Месяц назад

I will do that if you promise to port 30% of plugins

@kidnamedfinger.productions Месяц назад

@@_________________404 Lemme tell you something, almost every compiled programming language uses LLVM as it's backend mostly because it's good and let's you bind your code with other programming languages that use LLVM too. Rust has a compiler, but a frontend which checks your code, LLVM does the dirty work. It's not even about rust, I don't know why would you even comment that it's just stupid.

@kidnamedfinger.productions Месяц назад

@@_________________404 What's so good do you find about C++ compared to rust tho? Have you ever tried them or you just made up your opinion from some RU-vid video and now yelling it everywhere?

@Alrauna Месяц назад

Oh boy, update time again

@thefloridaman6527 Месяц назад

I installed a fixed version of glibc for Debian buster for our website host right away 😄 Thanks

@minefacex Месяц назад

Each time a PHP CVE drops PHP-chan appears in my feed.

@Rodelero Месяц назад

Your thumbnails bring joy to my heart Mental Outlaw😂!

@jazzjohnson5260 Месяц назад

More vulnerabilities this month very fun

@polarfamily6222 Месяц назад

LAMP has been somewhat vulnerable in one way or another for quite a while now.

@kidnamedfinger.productions Месяц назад

I don't get why anybody would use php in 2024, go is a much better alternative for the backend, for frontend just use svelte.

@WarkWarbly Месяц назад

I remember when there was a bug that had existed in the sudo framework that had existed for quite some time. Not as long as this bug, but still there for years.

@zhon5311 Месяц назад

2024 is the year of the security vulnerabilities

@SeeWhatIs Месяц назад

114/366 year is unlocked

@finlanderxx Месяц назад

Year of obscure vulnerabilities. Like who converts characters from UCS4 to ISO-2022-CN-EXT or haves unstable packages in production or allowing everybody running CLI commands remotely

@mawnkey Месяц назад

I just wanna know who hooked ChatGPT up to metasploit and told it to go ham.

@A1A. Месяц назад

New kenny upload!!🎉 ✨You are our favourite/based/red pilled honey pot chanel ✨😝

@sleepysapphire2349 Месяц назад

That anime thumbnail caught my eye. I thought this was going to be a vtuber's video.

@MonochromeWench Месяц назад

Web servers should just be able to say no, I only support utf8/utf16 and get rid of all the character set conversion nonsense server side, but the webservers are accommodating to what the browser asks for even if it far from appropriate for the site's content.

@veritas7010 Месяц назад

alpine is used often in prod, it's a lightweight base image for docker

@Ginfidel Месяц назад

Moon runes? Of course. -Gandalf

@bunnicula3221 Месяц назад

Counter argument: All applications are vulnerable. Software security keeps honest people away, it ain't gonna last forever against skilled/dedicated hackers.

@Deniil2000 Месяц назад

No, theoretically, software can be impenetrable

@tishaak2800 Месяц назад

@@Deniil2000but is in practicallity nearly impossible Doubt on would perfectly set everything up down to binary code and Electric components And even so, all it takes is a rare case of the suns radiation conviently changing that one 1/0 to mess it all up

@TheTubejunky Месяц назад

PHP perl was some of the first script used for phishing attacks. Good to see it's still knocking at system doors

@Xnoob545 Месяц назад

I read the title and my reaction was: "Well of course they are, this is PHP"

@AmosThacker-Gwaltney-hy7tc Месяц назад

I could be wrong but cursory Google searching shows that andres freund works for Microsoft and posgresql, meaning he contributes to open source but works under proprietary software leadershit?

@dfgdfg_ Месяц назад

Mental Outlaw, put some posters up, it'll make your space more cozy!

@ethanbloom114 Месяц назад

Your videos are so interesting

@dnoordink Месяц назад

"Much quicker" 24 years later... good one!

@anon8510 Месяц назад

did you miss the rest of the video?

@SerenadeURA Месяц назад

unless my reading comprehension is poor (a possibility) I believe this was discovered 24 years ago and only found to be truly exploitable 24 years later.

@anon8510 Месяц назад

@@SerenadeURA that's exactly it

@dnoordink Месяц назад

@@anon8510 So your conclusion is he didn't get to the point quick enough? Attention is a rare commodity these days.

@dnoordink Месяц назад

@@anon8510 Also good non-committal username. Choose better.

@ravenecho2410 Месяц назад

Alpine is standard like min linux distro for docker and k8s?

@robertdeckard2136 Месяц назад

Gentoo can optionally be set up with musl instead of glibc. Not sure how often this is done in practice however. I did my first Gentoo install only a few months ago.

@Stoney_Eagle Месяц назад

Oh boy am I glad to be running alpine in docker 😮

@apoc4223 Месяц назад

I had to check if there was any new information on the bug, but no. So far we don't actually know if it affects all php applications, where did you get that from? The post you cited even said it's application specific.

@Iceman259 Месяц назад

Hot bug summer

@twidoh9128 Месяц назад

Thanks Jason Tatum

@eqiliaaaa Месяц назад

Quack it, I'm writing my own kernel, my own libc, my own drivers and my own damn programs.

@retsim_x Месяц назад

Write your own vulnerabilities. Take charge! Nice.

@ra2enjoyer708 Месяц назад

Okay but how are you going to produce your own hardware?

@BanglaBitTheAi Месяц назад

Damn this year is wild

@mattm3023 Месяц назад

Actually paused the video and updated, though unattended-upgrades already took care of it. If youre using Ubuntu 22 then libc6 2.35-0ubuntu3.7 (check with ldd --version) is fixed despite being "under" 2.39.

@MentalOutlaw Месяц назад

Same thing happened on based.win backend, confirmed it this weekend when I saw the open wall post

@mattm3023 Месяц назад

@@MentalOutlaw Yeah might be a good video, ensuring security updates are on auto. Also, I'm kind of embarrassed how much I use LAMP but man its so fast to deploy

@amr3162 Месяц назад

2:08 alpine is not used in production? it's one of the most used distros used for docker containers

@nathanoher4865 Месяц назад

Perhaps that’s what he meant? Maybe he means the hosting servers not containers

@dyto2287 Месяц назад

We were discussing pentest with one company on our system and some part of your system was still in PHP. I remember them saying - "We don't pentest PHP because it's insecure by default. Get rid of it first" 😂

@GhiveciuMarian Месяц назад

yeah, sure ... what is not secure about php? is really weird that most of todays servers are powered by php, and WP on top of php, yet they do not get hacked left and right

@dyto2287 Месяц назад

@@GhiveciuMarian ...mOsT sErVeRs PoWeRed By pHp... 🥴 Having higher quantity of crap WP deployments doesn't mean that it's used more to serve actual http traffic.

@Sypaka Месяц назад

Days to next CVE: 0

@GydoMans Месяц назад

nice acoustics >.>

@thelonesalt1473 Месяц назад

What if your running the WP docker container, would i need to wait for an updated docker image from the developers so that the glibc that the docker image is using gets updated?

@whamer100 Месяц назад

Cant wait for the first ever 11/10 to be announced for the first time and its that someone found a way to just take over the universe because someone's toaster had an exposed copper cable into the matrix

@Marty234 Месяц назад

Great video brother!

@deidara_8598 Месяц назад

This is the pinnacle of PIKE MATCHBOX

@JRSofty Месяц назад

It would be nice to know if it is possible to mitigate the problem at the PHP level when you don't control the underlying server and cannot update the linux. Yet everyone seems to be talking about this Critical CVE which ramps up the stress, but there doesn't seem to be a clear path for mitigation.

@V3DT 12 дней назад

Even if you could prevent it in your PHP code, in most cases when have no control over the software on the host your using shared hosting. So even if you could prevent it in your code, everyone else running a site on the server would also have to make sure their code prevents it. Any decent company offering hosting should be keeping an eye out for exploits & updating the software ASAP when patches come out for severe bugs.

@ShatteredQvartz Месяц назад

Also, wtf with the Italian bots lmao

@elexbeats Месяц назад

I think it will be a great content if you show a way to encrypt ur harddrive so even people who has physical acces to it can’t find the recovery keys to decrypt

@Reelix Месяц назад

glibc version checker (Older than 2.39 are vulnerable) #include #include int main (void) { puts (gnu_get_libc_version ()); return 0; } Save as test.c Run: gcc test.c -o test ./test

@IvanStamenkovicSeemsIndie Месяц назад

Oh we will, Grafana exploit just landed..it's a fun month...

@zyxwv Месяц назад

Okay I'm new to all this (been coding with a goal to get gud for about a year or two), is this many RCE executions in such a short amount of time this common? (the xz one, this php one, that one discovered in rust, etc)

@adamterrence Месяц назад

thank you jayson tatum

@pierrejoye Месяц назад

as a fix, in case .40 is not available. One can disable these encodings as well. Still best to update glibc if possible.

@streettrialsandstuff Месяц назад

It's been like 10-15 years since last time I heard someone mention LAMP until today.

@F_Around_and_find_out Месяц назад

Many vulnerabilities being discovered lately is a good thing, because they are being seen, they are being fixed, and best of all you as the common user can know all of this. Proprietary software? Unless the people there do a press release, you won't know a damn thing. And there is a chance that there are less eyes to discover weird activities in the code too.

@Gameplayer55055 Месяц назад

We really need to rewrite that old gnu crap to rust with enhanced security

@StarryX0 Месяц назад

7:15 To be fair, the xz backdoor wouldn’t be discovered in windows for a long time, but it would probably wouldn’t be introduced from the first place.

@slateslavens Месяц назад

_"Little Bobby Tables"_ -XKCD

@karpfenboy Месяц назад

what makes you say virtually any PHP application? From what i can tell an application needs to take untrusted user input in the iconv function.

@sethjets4687 Месяц назад

Maybe... just maybe that is the way nemesis market got seized?

@pierrejoye Месяц назад

for the record, php on windows runs very well. Perform well too. it is still more common to run on Linux, not because php does not work on windows, but less portable user apps. But most framework and as long as conventions are respected, zero issues.

@Cryogenicbanana Месяц назад

So am I in the clear if I have a fresh install of linux mint with no extra apps other than discord and steam, I’m new to this shindig.

@moioyoyo848 Месяц назад

What a surprise

@isheamongus811 Месяц назад

What is thr earliest affected version? The first public release?

@hthring Месяц назад

also open source is more likely to have bugs found because people can analyse the code looking for vulnerabilities

@nothingtoseehere449 Месяц назад

is it suspected that a PHP vulnerability is why nemesis market was busted

@by010 Месяц назад

I started my dev life as LAMP stack dev. Still returning to LAMP for small gigs every now and then

@KeinNiemand Месяц назад

Is the fix for this flagged as critical or whatever needed for it to be automatically installed by unanttended upgrades?

@blenderpanzi Месяц назад

What other software us using iconv() and could potentially be affected?

@joshuamaserow Месяц назад

Thanks bro

@gabeforbes147 Месяц назад

First time on your page and bro you look like Jayson tatum

@stevengill1736 Месяц назад

When a malware comes up that can break out of a virtual machine sandbox, then we're in for trouble!😊

@gairisiuil Месяц назад

It's happened before (for example, the time they exploited gpu passthroughs to get into the host's graphics driver)

@Aranimda Месяц назад

Spectre, rowhammer.

@illsmackudown Месяц назад

Medicaaaatiiiooonss 😂😂😂😂😂😂😂

@mawnkey Месяц назад

I can still remember the conversation with my boss about Spectre. We immediately went to management on our DoD contract and got their cloud plans scuttled punctuated by "We told you so!"

@ra2enjoyer708 Месяц назад

They already can detect if they run in a vm or not.

@Gamesational1 Месяц назад

Crazy. I need to update php

@levvayner4509 Месяц назад

The known bugs is a SOP. Software is released with a list of known issues, that is developed as more people provide feedback. Teams will ensure any critical issues are fixed, but non-critical issues - especially ones that have workarounds, are often released.