The nonprofit Matrix Foundation, behind the federated communications protocol of the same name, announced this week that it had patched what it described as two high-severity vulnerabilities that could have had catastrophic impact if exploited by sufficiently malicious actors.
The off-cycle security release, which does not detail the specific nature of the bugs, hints at attacks in which malicious actors could seize control of discussion spaces, including the classified ones that numerous governments host on Matrix.
A spokesperson for the Matrix Foundation said “the vulnerabilities were discovered as part of an ongoing joint security research project at Element and the Matrix.org Foundation,” and added that they were not aware of the vulnerabilities ever being exploited in the wild.
The update was described as “an exceptionally complicated project to coordinate” by the protocol’s co-founder and chief executive Matthew Hodgson, who added “its security implications required us to deviate from our usual [Matrix Spec Change] process and develop the changes under embargo.”
While full details about the vulnerabilities have not been released yet, they appear to concern group permissions and room ID generation. Apparently, a malicious administrator can strip the group chat’s creator of their privileges, and someone can predict a room ID before it is generated.
Off-cycle patches have been released. Make sure to update if you operate any Matrix instances!