Blog posts written by Alex Murray

Alex Murray
24 April 2024

What’s new in security for Ubuntu 24.04 LTS?

Article Confidential computing

We’re excited about the upcoming Ubuntu 24.04 LTS release, Noble Numbat. Like all Ubuntu releases, Ubuntu 24.04 LTS comes with 5 years of free security maintenance for the main repository. Support can be expanded for an extra 5 years, and to include the universe repository, via Ubuntu Pro. Organisations looking to keep...

Alex Murray
24 April 2024

Alex Murray
20 July 2023

Securing open source through CVE prioritisation

Article Cloud and server

According to a recent study, 96% of applications in the enterprise market use open-source software. As the open source landscape becomes more and more fragmented, the task to assess the impact of potential security vulnerabilities for an organisation can become overwhelming. Ubuntu is known as one of the most secure...

Alex Murray
20 July 2023

Alex Murray
27 June 2022

What’s new in Security for Ubuntu 22.04 LTS?

Article Ubuntu

Canonical Ubuntu 22.04 LTS is the latest long term support release of Ubuntu, one of the world’s most popular Linux distributions. As a Long Term Support release, Ubuntu 22.04 LTS will be supported for 10 years, receiving both extended security updates and kernel livepatching via an Ubuntu Advantage subscription (which...

Alex Murray
27 June 2022

Alex Murray
19 October 2021

What’s new in security for Ubuntu 21.10?

Article Ubuntu

Ubuntu 21.10 is the latest release of Ubuntu and comes as the last interim release before the forthcoming 22.04 LTS release due in April 2022. As the interim releases are often proving grounds for upcoming features in the LTS releases, this provides a good opportunity to take stock of some of the latest security features

Alex Murray
19 October 2021

Alex Murray
19 May 2021

What’s new in security for Ubuntu 21.04?

Article Cloud and server

Ubuntu 21.04 is the latest release of Ubuntu and comes at the mid-point between the most recent Long Term Supported (LTS) release of Ubuntu 20.04 LTS and the forthcoming 22.04 LTS release due in April 2022. This provides a good opportunity to take stock of some of the latest security features delivered in this release,

Alex Murray
19 May 2021

Alex Murray
9 April 2021

Security podcast: March

Article Security

The Security Podcast covers the most interesting security fixes around Ubuntu, with in-depth discussions around the latest vulnerabilities and updates.

Alex Murray
9 April 2021

Alex Murray
8 March 2021

Security podcast: February

Article Security

The Security Podcast covers the most interesting security fixes around Ubuntu, with in-depth discussions around the latest vulnerabilities and updates.

Alex Murray
8 March 2021

Alex Murray
2 March 2021

GRUB2 Secure Boot Bypass 2021

Article Ubuntu

In August 2020, a set of security vulnerabilities in GRUB2 (the GRand Unified Bootloader version 2) collectively known as BootHole were disclosed. Today, another set of vulnerabilities in GRUB2 were disclosed, with similar implications. Because GRUB2 is a key component of the boot process, vulnerabilities in it can...

Alex Murray
2 March 2021

Alex Murray
1 February 2021

Private home directories for Ubuntu 21.04

Article Ubuntu

Ubuntu has evolved a lot since its early beginnings as an easier-to-use derivative of Debian that catered primarily to the nascent Linux desktop market. Today Ubuntu is deployed beyond just your laptops at home and in the office. Nowadays you are more likely to find Ubuntu in the cloud, powering some of the world’s best

Alex Murray
1 February 2021

Alex Murray
29 July 2020

Mitigating BootHole – ‘There’s a hole in the boot’ – CVE-2020-10713 and related vulnerabilities

Article Cloud and server

Responsible disclosure and coordinated response as a benefit to all Today we released USN-4432-1 announcing updates for a series of vulnerabilities termed BootHole / ‘There’s a hole in the boot’ in GRUB2 (GRand Unified Bootloader version 2) that could allow an attacker to subvert UEFI Secure Boot. The original...

Alex Murray
29 July 2020

Alex Murray
12 November 2019

Ubuntu updates to mitigate latest Intel hardware vulnerabilities

Article Cloud and server

Today, Intel announced a group of new vulnerabilities affecting various Intel CPUs and associated GPUs, known as TSX Asynchronous Abort (CVE-2019-11135), Intel® Processor Machine Check Error (CVE-2018-12207), and two Intel i915 graphics hardware vulnerabilities (CVE-2019-0155, CVE-2019-0154). TSX Asynchronous Abort...

Alex Murray
12 November 2019

Alex Murray
28 May 2019

Introducing the Ubuntu security podcast

Article People and culture

The Ubuntu Security Podcast is a weekly podcast covering all the latest news and developments from the Ubuntu Security team. Each week the team discuss the various security updates that have been published across the Ubuntu releases, describing the technical details of both the security vulnerabilities as well as the...

Alex Murray
28 May 2019

Alex Murray
14 May 2019

Ubuntu updates to mitigate new Microarchitectural Data Sampling (MDS) vulnerabilities

Article Cloud and server

Microarchitectural Data Sampling (MDS) describes a group of vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) in various Intel microprocessors, which allow a malicious process to read various information from another process which is executing on the same CPU core. This occurs due to...

Alex Murray
14 May 2019

Alex Murray
1 November 2018

A guide to snap permissions and interfaces

Article Desktop

Snap is a Linux application package management system which allow developers to easily publish self contained software packages (snaps) that work across many distributions and versions of Linux. Snaps have security at their heart, and are designed to ensure all applications support the principle of least privilege /...

Alex Murray
1 November 2018

Alex Murray

Ubuntu Security Tech Lead