Comments
Intel Processor Security Flaw Prompts Kernel Makeovers in Linux, Windows
Newest First  |  Oldest First  |  Threaded View
Ludivina
50%
50%
Ludivina,
User Rank: Strategist
2/3/2018 | 8:28:18 PM
Re: ...and what about IG followers for Apple's?
Well, there were different mentions from different blogs. Can you please tell me where did you found those sentences at?
BowlOfPetunias
50%
50%
BowlOfPetunias,
User Rank: Apprentice
2/1/2018 | 4:54:09 AM
And then what?
Suppose an attacker succeeds in exploiting this. What do they get back? A long string of jumbled text and numbers that looks like it might be a password? How do they know it's a password? How do they know it's all of the password and not cut short? I'm not totally clear how much of a benefit there is to an attacker. Probably not an instant win for the attacker, anyway. Some himan input would be needed from them.
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/31/2018 | 11:04:41 PM
Re: ...and what about Apple?
Still pretfy quiet on 'sploits for this... Calm before the storm, or much ado about othing?
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/19/2018 | 12:57:39 PM
Re: ...and what about IG followers for Apple's?
Another analyst here sumbled across a place called skyfallattack.com.  Could be a wateringhole attack in and of itself, so proceed with caution.   It's been almost 24 hours since it came up and I am thinking that if it were credible it would be HUGE news, but not hearing much. 

As always, take everything with a healthy grain of salt. I am HIGHLY skepticcal but thought it worth mentioning.

A genuine sploit for this would be AWEFUL.  So far though, it seems like all the benfits the hypothetical attack vector brings are more easily achieved other ways.  As in "Click here to claim your prize...

 

Cheers,

Dan91266
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
1/19/2018 | 11:37:40 AM
Re: M/S exploits in the wild?
Reports of weaponized versions of the M/S exploits are not the same as evidence that some attacker has used them, or tried.  As attacks would likely be sophisticated, and against high-value targets; the attacks may have already begun - just not yet noticed. 

We have to consider that any victims might be slow to admit the fact. We also have to consider that existing vulnerabilities, exploits and attack vectors are causing more than enough damage without M/S.  Is there a danger of putting too much focus on, and too many resources defending against, the potential?
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/18/2018 | 9:42:52 PM
Re: ...and what about Apple?
Well one source is finally reporting today that they have seen weaponized versions of these sploits. They claim they cannot release details due to government restrictions or until chip vendors fix this, they are not entirely clear.

No confirmation yet that I have seen from a reliable source of truth so this may just be a really mean watering hole attack of some sort, or it may be the real deal.  If IBM X-Force, Cisco, or Microsoft or other reliable source confirms this... Katie bar the door!

My bet is that if this gets real you are suddenly going to see a prolifertion of non Intel, AMD, ARM custom ASICS with proprietary micro-code become real popular, real quick.  With virtualization technology so good, there is scant reason to run risky hardware, RISCy maybe, but not risky (sorry, couldn'resist the pun). I think the point is valid though, all puns aside.

This could get interesting fast. Wonder what the Rainbow Book/NIST guys have to handle this.  I understand that if you run trusted code (Cert signed code, I think), you are not vulnerable to the 'sploits. But who the heck runs 100% Microsoft signed code?

BTW, you Apple folks could be in the, uh sh*thole (to use a currently popular epithet) also. Lotta Macs on Intel silicon aren't there?

 

Cheers,

Dan S.
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
1/17/2018 | 2:12:14 PM
Re: ...and what about IG followers for Apple's?
I've been listening for the other shoe to drop, too. 

One the one side, exploiting these vulnerabilities seems to require a sophisticated, targeted, attack - indicating a high-value target, and stealth.  On the other, there is a window that will close, as more and better mitigations/solutions are developed and applied - so if they are going to leverage these vulnerabilities, they have to move quickly. 

What attackers could be after is not a quick score, but the prerequisites for a big score at some point in the future.  Could be we won't see signs of a significant exploitation unless and until forensics from that future hit point back to access and assets gained now. 
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/16/2018 | 4:17:46 PM
Re: ...and what about IG followers for Apple's?
Has ANYONE reported an actual threat that uses these exploits?  Seems like this is still pretty theoretical at the moment.  It also looks like some facncy assembler code will be needed to exploit these vulnerabilities, or am I just not getting it?
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
1/4/2018 | 10:20:18 AM
Re: ...and what about Apple?
We'll be reporting more on this today, including about Apple. Stay tuned! thanks.
SchemaCzar
50%
50%
SchemaCzar,
User Rank: Strategist
1/4/2018 | 10:09:07 AM
...and what about Apple?
I'd expect some mention of Apple.  In other blogs, I saw a few sentences that said Apple had mitigation underway. Please finish the story!


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-2607
PUBLISHED: 2018-05-21
jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins users...
CVE-2018-1108
PUBLISHED: 2018-05-21
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
CVE-2018-11330
PUBLISHED: 2018-05-21
An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted.
CVE-2018-11331
PUBLISHED: 2018-05-21
An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the set of disallowed filetypes for uploads in missing some applicable ones such as .phtml and .htaccess.
CVE-2018-7687
PUBLISHED: 2018-05-21
The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnerability that could allow a local attacker to elevate privileges via a buffer overflow in ncfsd.sys.