Major Security Flaws Unveiled
Security researchers have disclosed two severe vulnerabilities in Google's Looker business-intelligence platform, which more than 60,000 organizations rely on to manage their core business data. The flaws, disclosed together under the name 'LookOut', mainly threaten organizations that run Looker themselves, whether self-hosted or on-premises. The potential consequences range from takeover of the server hosting Looker to exfiltration of highly sensitive proprietary data. The researchers' findings make clear that affected organizations need to act promptly to prevent a breach. Because a platform like Looker sits between many users and many data sources, a vulnerability in it is a concern for the whole organization, not just for one server.
Exploitation Pathways Detailed
Both vulnerabilities are rated 'critical', reflecting the potential for serious data exposure. The first lets an attacker execute arbitrary code on the company's Looker server through Git hooks, the scripts Git runs automatically around repository operations; Looker keeps its LookML projects in Git repositories, so a hook planted in a project repository is run on the server by Git itself, giving the attacker command execution and, from there, control of the server. The second is an SQL injection against Looker's internal database. Exploiting it could let an intruder retrieve sensitive information, including user credentials, passwords, and other secrets stored in the Looker environment. Liv Matan of Tenable, who reported the flaws, described Looker as the 'central nervous system' for a company's information, which is what makes these gaps so serious.
Urgent Action Required
Anyone running Google Looker should update without delay. Google has already patched the cloud-hosted version of Looker, so those customers need no further action. Organizations that manage their own Looker deployments must upgrade to a fixed release on whichever line they track: 25.12.30 or later, 25.10.54 or later, 25.6.79 or later, 25.0.89 or later, or 24.18.209 or later. As an additional check, administrators should inspect the .git/hooks/ directory of each project repository for any file that is not one of the stock *.sample scripts Git ships; an executable hook that nobody on the team added deserves investigation, because it may have been planted before the patch was applied. Patching closes the entry point, but only an audit of the hooks directory shows whether it had already been used.
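The following is an added example, not code from Looker, Google or Tenable: a POSIX shell script that performs the .git/hooks/ audit described above across every Git repository found under a directory. It assumes a self-hosted Looker keeps its LookML project repositories under a directory you pass as ROOT (the exact path varies by installation and is not given on this page), and the repository it builds at the bottom is a constructed fixture for the stand-alone run.

```shell
#!/bin/sh
# Audit Git hook directories for anything that is not a stock *.sample file.
# Added example; not Looker's, Google's or Tenable's code. The project root
# you pass in is an assumption about where your Looker keeps its repositories.

# Print every entry in DIR/.git/hooks that is not a stock *.sample file,
# tagged with what it is. Git only runs executable hooks, but a symlink,
# a subdirectory or a non-executable script is still not stock content.
list_unexpected_hooks() {
    hooks_dir="$1/.git/hooks"
    [ -d "$hooks_dir" ] || return 0
    for f in "$hooks_dir"/* "$hooks_dir"/.[!.]*; do
        [ -e "$f" ] || [ -h "$f" ] || continue   # glob matched nothing
        case "$f" in *.sample) continue ;; esac
        if [ -h "$f" ]; then kind=symlink
        elif [ -d "$f" ]; then kind=directory
        elif [ -x "$f" ]; then kind=executable
        else kind=non-executable
        fi
        printf '%s\t%s\n' "$kind" "$f"
    done
}

# Number of unexpected entries in DIR/.git/hooks (0 means stock samples only).
count_unexpected_hooks() {
    list_unexpected_hooks "$1" | wc -l | tr -d ' '
}

# Walk ROOT for repositories and audit each one; prints one line per finding.
audit_tree() {
    find "$1" -type d -name .git 2>/dev/null | while IFS= read -r gitdir; do
        list_unexpected_hooks "${gitdir%/.git}"
    done
}

# Constructed fixture: a repo with a stock sample plus a rogue post-checkout
# hook, the kind of file the audit above is meant to surface.
make_demo_repo() {
    mkdir -p "$1/.git/hooks"
    printf '#!/bin/sh\n# stock sample shipped by git\n' > "$1/.git/hooks/pre-commit.sample"
    printf '#!/bin/sh\n# constructed rogue hook: runs on every checkout\necho "hook ran as $(id -un)"\n' \
        > "$1/.git/hooks/post-checkout"
    chmod +x "$1/.git/hooks/post-checkout"
}

# Stand-alone run: build the fixture, audit it, and show each flagged hook body.
demo_dir=$(mktemp -d)
make_demo_repo "$demo_dir/project"
audit_tree "$demo_dir"
tab=$(printf '\t')
list_unexpected_hooks "$demo_dir/project" | while IFS="$tab" read -r kind path; do
    printf -- '--- %s (%s) ---\n' "$path" "$kind"
    head -n 5 "$path"
done
rm -rf "$demo_dir"
```

Run it as `sh audit_hooks.sh` to see the fixture flagged, or call `audit_tree /path/to/looker/projects` (your own path) against a real installation. A repository whose hooks directory contains only *.sample files produces no output; anything else is printed with its type so you can decide whether someone on the team installed it or not.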