Security Month: November 2018

December 4, 2018 Attacks, blog 0 Comments

November 2018 has not been a far cry from other months and it also revealed lot of vulnerabilities.

It has been found out that potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information.

Out of 7 newly discovered attacks, two are Meltdown variants, named as Meltdown-PK and Meltdown-BR, and other 5 are new Spectre mistraining strategies.

Researchers dmeltdown-spectre-headeremonstrate all of the attacks in practical proof-of-concept attacks against processors from Intel, ARM, and AMD. For Spectre-PHT, all vendors have processors that are vulnerable to all four variants of mistraining, they say. (for further details follow the link)

Another serious side-channel vulnerability has been discovered in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled.

The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, The simple fix for the PortSmash vulnerability is to disable SMT/Hyper-Threading in the CPU chip’s BIOS until Intel releases security patches. OpenSSL users can upgrade to OpenSSL 1.1.1 (For further details follow the link).

November has also brought another round of security updates for the Windows operating system and other Microsoft products.  This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important and one moderate and one low in severity (for further details follow the link).

Last but not the least, Apache Struts developers are urging users to update a file upload library due to the existence of two vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS) attacks.  The Commons FileUpload library, which is the default file upload mechanism in Struts 2, is affected by a critical remote code execution vulnerability.  Malicious actors could exploit this flaw to launch DoS attacks on publicly accessible sites (for further details follow the link).

With all above mentioned on mind, we advise everyone to keep an eye on security patches and make updates once available, be aware of security flaws that may have a negative effect on your systems and business processes.