A security researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted. desktop and. directory files to silently run arbitrary code on a user’s computer without even requiring the victim to actually open it. The vulnerability affects the popular open-source widget-based desktop environment for Linux users. Users are advised to update to version 5.61.0 of KDE Frameworks 5, while users on kdelibs should apply the patch for 4.14.
Source: https://thehackernews.com/2019/08/kde-desktop-linux-vulnerability.html

