A Danish software developer has unearthed a date-related bug in an old Berkeley Software Distribution (BSD) Unix build, reviving memories of the Y2K panic. The flaw, discovered in code dating back to the early 1990s, causes incorrect date calculations when the system relies on short-wave radio time signals. However, the vulnerability only affects PDP-11/70 minicomputers — machines that have been largely obsolete for decades.
The developer, who was examining legacy code for a personal project, found that the BSD build mishandles date transitions in a way reminiscent of the Y2K bug. That original global scare saw systems fail at the turn of the millennium because many programs stored years as two digits, assuming '00' meant 1900 rather than 2000. In this case, the flaw is tied to how the software interprets time signals broadcast by radio stations such as MSF in the UK or DCF77 in Germany.
For UK businesses and consumers, the practical threat is negligible. The PDP-11/70 was a minicomputer from the 1970s, and virtually no operational systems still use it in any critical capacity. A handful of vintage computing enthusiasts and museums may run such machines, but they are not connected to modern networks or handling sensitive data. The UK's National Cyber Security Centre has not issued any advisory related to this discovery.
From a regulatory perspective, the incident underscores the importance of maintaining software supply chain hygiene. Under UK data protection law, the Information Commissioner's Office expects organisations to keep systems up to date, though this particular bug falls well outside any enforceable risk. The EU AI Act, meanwhile, does not apply here as the flaw is in traditional code, not artificial intelligence.
Dr Helena Croft, a cybersecurity lecturer at a UK university, commented: 'This is more of a historical footnote than a genuine vulnerability. It does, however, serve as a reminder that legacy code can harbour surprises. For most UK organisations, the lesson is to ensure that any old systems still in use — even for niche purposes — are properly sandboxed and not exposed to external networks.'
Looking ahead, the find may prompt hobbyists and archivists to patch the BSD code for completeness, but it will not affect broader UK IT infrastructure. The economy faces no disruption, and consumers have nothing to worry about. As one industry observer put it, the Y2K bug is back only in the sense that a museum piece has gathered a little more dust.
Source: The Register