Startup Parity Technologies released a new version of the client that fixed a bug that could turn off computers running Ethereum nodes.
The first to discover the vulnerability and report it to Parity was Scott Bigelow, vice president of blockchain development at Amberdata analytic startup. According to him, only a small part of Parity’s customers are at risk.
New Parity Ethereum release 2.5.7-stable / 2.6.2-beta protect against an RPC call vulnerability. Though the only nodes potentially affected are those who have manually enabled tracing or public-facing RPC, we recommend everyone to update. https://t.co/NaniWWTFS6
— Parity Technologies (@ParityTech) August 29, 2019
“Vulnerability could cause immediate failure of the Parity client,” the expert noted. “ There is no way to steal funds or commit other malicious actions, but you can turn off some of the Ethereum nodes.”
Parity Technologies encouraged users to upgrade their clients to the latest version as soon as possible, especially those where the publicly available RPC and transaction history tracking module are activated.
Remote Procedure Call (RPC) is a protocol that allows you to request program data on third-party servers. In the blockchain industry, it is used to obtain information on balances at addresses, block numbers, and other information.
To date, the Parity client uses about 21% of nodes in the Ethereum network (3257, according to EtherNodes ).
Earlier, ForkLog reported that an Ethereum hard fork called Istanbul could be ported due to the Parity team’s unwillingness to deploy key upgrades to the Ropsten test network at the indicated time.