2010 Bug Wreaks Havoc In Germany

The New Acunetix V12 Engine

This was pretty unexpected for most people, the Y2K bug was so over-hyped then nothing really happened. Then suddenly 2010 comes and everything goes haywire!

The first big news that struck was Spam Assassin which included all versions of cPanel, it started rejected almost all e-mails due to a bug in the spam detection rules with the 2010 date.

After that Symantec’s Endpoint Protection Manager caused a storm and a bunch of other stopped working, stopped updating or started acting weirdly.

A delayed Y2K bug has bitten hard at some 30 million holders of German debit and credit cards, making it impossible for them to use automatic teller machines and point-of-sale terminals since New Year’s Day.

Multiple news agencies said the outage stemmed from card chips that couldn’t recognize the year 2010. The DSGV, an association representing German banks, said engineers were working diligently to fix the problem, but a full resolution might not come until Monday.

The outage affected 20 million EC, or electronic cash, cards, which act as debit cards, and 3.5 million credit cards, according to the DSGV. A separate bank association known as BDB said about 2.5 million of its cards suffered from the same problem and another 4 million cards issued by Germany’s cooperative banks were at least partially touched.

The latest big news to hit is pretty huge, 30 million German customers are unable to use their debit or credit cars as the chips couldn’t process the 2010 date.

This is pretty serious as it needs a physical card replacement so could be very costly and time consuming for the banks involved.

It’ll be interesting to see what kind of solution they can come up with.

The reports are the latest to involve the inability of computers to properly handle the 2010 date. Just after midnight on New Year’s Day, Symantec’s Endpoint Protection Manager stopped accepting updates after it was hit by its own 2010 date bug. Soon after the first of the year, SpamAssassin began blocking huge amounts of legitimate email because they included the 2010 in their headers, a date so far off the spam filter assumed they had to be junk.

Kaspersky software also experienced massive update problems on December 30, according to support forums, but it’s not clear the new year had anything to do with them.

The German payment card snafu hit a variety of banks, although customers of Deutsche Bank reportedly were not affected. More from the AFP and Dow Jones is here and here.

I wonder how many other pieces of software are currently malfunctioning but no-one knows about it, I hope my banks accounting software has screwed up and it’s crediting me with 500% daily interest!

I’m sure there are plenty of other cases too that haven’t been reported (or at least not reported yet).

We’ll have to wait and see how widespread this 2010 bug really is.

Source: The Register

Posted in: Secure Coding

Latest Posts:

Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.

4 Responses to 2010 Bug Wreaks Havoc In Germany

  1. Steve January 6, 2010 at 10:18 am #

    Looks like some Australian services were affected by something similar.

    2016 glitch at Bankwest too

  2. Jigoku969 January 6, 2010 at 10:50 am #

    yea this thing is really annoying, my credit card isn’t working , too:-(

  3. cbrp1r8 January 6, 2010 at 6:52 pm #

    “I hope my banks accounting software has screwed up and it

  4. Sebastian January 6, 2010 at 7:24 pm #

    There is a workaround. You can place a little cellotape on the chip, this will force most card readers to fallback on the magnetic strip. The magnetic strip is very insecure though!