From thehackernews.com
![kde desktop linux vulnerability](https://1.bp.blogspot.com/-F42V3RvRtIM/XUp9KXvcWRI/AAAAAAAA0pM/FZVXRCu-KvQiYy9ZXfHKcgKtbdke1P9swCLcBGAs/s728-e100/kde-desktop-linux-vulnerability.jpg)
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any “.desktop” or “.directory” file for a while.
A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run arbitrary code on a user’s computer—without even requiring the victim to actually open it.
KDE Plasma is one of the most popular open-source widget-based desktop environment for Linux users and comes as a default desktop environment on many Linux distributions, such as Manjaro, openSUSE, Kubuntu, and PCLinuxOS.