Software Bugs Monthly Digest — October 2022

Following Halloween, we’d like to share something really terrifying.

Each month we read about the bugs that slipped through the cracks and caused some pretty serious issues for tech companies. October was not an exception. Software malfunctions, recalls, and security threats. Meet our latest bug digest.

Fatal defect

Japanese car giant Toyota had to recall 298 Toyota Yaris Hybrid 2020 cars in Australia due to severe software malfunction. This error can cause the vehicle to lose its motive power during sudden acceleration. According to the recall notice, such an issue “increases the risk of an accident, causing serious injury or death.”

To prevent this serious hazard to both drivers and other traffic participants, the company asked car owners to make an appointment with any Toyota dealer. Their specialists will then upgrade the software, and the issue will be eliminated.

Software errors might be fixed, but what about the company’s reputation? Toyota started the process in February, and it has since been tagged as “history’s largest product recalls.” The worst part is that, according to the US National Highway Traffic Safety Administration, faulty Toyotas might have caused 52 deaths in 43 crashes since 2000. Now, how does any corporation recover from that?

New OS update — new opportunities for hackers

Apple has already been featured in both of our previous bug digests. Unfortunately, at the end of the last month, the company made the headlines once again. And not for a good reason.

Apple’s new macOS 13 Ventura operating system was released on October 24 and brought along a swarm of new features. However, improvements came at a cost. It turns out that while fixing a vulnerability in its Ventura 11th developer beta, Apple introduced another defect that restrains third-party security products. In particular, they can’t get full disc access, which is essential for such programs to scan for malware. Because of this defect, an attacker can potentially circumvent security tools and disable them.

The developers of anti-malware software have already received multiple bug reports from users who noticed that something was wrong. Yet the experts say that those who upgraded their operating system to Ventura may be unaware that their security tools aren’t working. Apple stated that it would patch this vulnerability in the next macOS update, although it isn’t clear when it will happen.

Open-source communities at risk

Security researchers have recently found a high-severity defect in GitHub that could have resulted in an actual disaster. Using a technique called Repo Jacking, an attacker could take control of the repositories of renamed users and infect them with malicious code. This means that the hijacked software packages could have started serving malware to numerous users and applications.

However, developers using GitHub can heave a sign of relief. The company has already fixed this issue thanks to a warning by researchers. Nevertheless, experts use this case as an example of attackers constantly evolving their methods to hijack trusted open-source repositories. So, security specialists have to stay vigilant and prevent such vulnerabilities before hackers get the chance to use them in their favor.

Ready. Steady. Crash.

Last month, Nintendo Switch Sports servers were taken down for 4 days due to a bug in their 1.2.1. update version. This defect caused 2-player sessions to crash during the pre-match loading in both online and offline modes. Save data backup was also suspended.

Nintendo’s team rolled up their sleeves and came up with a bunch of solutions. First of all, they issued two new updates to fix the crashes and restore data backup. Secondly, they decided to compensate their fans for the downtime. The subscribers to the Nintendo Switch Online service got their membership period extended by a week, while gamers who earn points in the “Play Globally” mode got their earnings doubled. And that’s how you save a company’s reputation.

To sum up, this digest was quite saturated with some critical bugs. All the more reasons to start testing software products as soon as possible while defects are still easy to fix without severe consequences. Contact us and let our experienced team have a look at your software. We will help you prioritize those issues that require the most attention, and together we will make sure that your company name is never featured in our digest.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
QATestLab

QATestLab is an international provider of independent QA and testing services with 15 years of cross-industry experience. https://qatestlab.com/