Git, the popular distributed revision control system, is warning uses about a critical security vulnerability that affects Windows and Mac users. According to GitHub, “An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine.” The issues does not affect Linux systems.
Git has released several updates, and users are encouraged to apply a patch as soon as possible. Several other development tools, including Microsoft Visual Studio, Apple’s Xcode and Mercurial, are also impacted by the bug and have also issued patches.
More information about the incident is available on GitHub’s blog.