Found on Ars Technica — "Critical Git bug allows malicious code execution on client machines":
Developers who use the official Git client and related software are being urged to install a security update that kills a bug that could allow attackers to hijack end-user computers.
The critical vulnerability affects all Windows- and Mac-based versions of the official Git client and related software that interacts with Git repositories, according to an advisory published Thursday. The bug can be exploited to give remote code execution when the client software accesses booby-trapped Git repositories.
(Score: 2) by Nerdfest on Monday December 22 2014, @09:32PM
I don't these vulnerabilities are found due to being targeted, or at least not that I'm aware of. I don't recall seeing 'active exploits' mentioned in any of them, but that could be just bad reporting. I think they're being discovered because people are actively looking for them more these days, especially after the SSL debacle.
(Score: 2) by dyingtolive on Monday December 22 2014, @09:36PM
Your theory is more optimistic all around. I think I prefer it.
Don't blame me, I voted for moose wang!