### Summary
Due to a gap in validation of federated content in the affected Mastodon versions, attackers can craft payloads that impersonate remote federated accounts as-seen-from the affected s...
Indeed but we’ve observed that compiled binaries still take actors that little bit longer (~24h) before developing exploits which, when you’re trying to buy time for users to patch, is invaluable.
Hopefully we won’t see widespread exploration before patches are applied as I can imagine a lot of instances’ infrastructure isn’t architected and managed with the level of care you see from larger orgs given how many are hobbyist efforts.
Federated services don’t need negative press this early on. It’ll only serve Meta and enterprise-created and controlled services.
Indeed but we’ve observed that compiled binaries still take actors that little bit longer (~24h) before developing exploits which, when you’re trying to buy time for users to patch, is invaluable.
Hopefully we won’t see widespread exploration before patches are applied as I can imagine a lot of instances’ infrastructure isn’t architected and managed with the level of care you see from larger orgs given how many are hobbyist efforts.
Federated services don’t need negative press this early on. It’ll only serve Meta and enterprise-created and controlled services.