Big Bugs of the Week - Jan 15, 2024

Payroll 'glitch' Leads to Riots and Lost Lives

Government systems continue to showcase poor software quality.  In this case, a misconfigured payroll system in the small country of Papua New Guinea caused employees' pay to be taxed at a higher rate.  Not aware of the software misconfiguration, the employees saw their pay decrease by up to half with the faulty payroll run.  Chaos ensued as people began riots and looting.  As a result of the protests, it was reported that up to 22 people are believed to have died. 

 Use Your Turn Signal! Or Not 

Volvo has recalled more than 17,000 cars in the US due to a fault causing one of the turn signals to potentially not function.  The supplier of the software module, Aptiv Deutschland, and will likely be tagged to provide the fix.  

Stop Injecting My Template 

Our Atlassian friends are reporting a vulnerability rated as severity 10 (their rating system) that could allow for an unauthenticated attacker to achieve remote code execution with a template injection.  This is only for server-installed versions of Confluence Data Center and Confluence Server.  All cloud versions are not affected. 

Washing Your Wifi 

Not yet determined if this is a bug (or LG won't admit it) but a customer complained that their LG washing machine was sending up to 3.6GB of data daily through their home router.   Possibilities of why this was happening ranged from a bug to a cyber attack. 

This is one downside of connected devices.  I would guess this scenario happens often, but very few people scan their router for suspicious appliance activity.  Also, should we have to?