Comments
Intel Processor Security Flaw Prompts Kernel Makeovers in Linux, Windows
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
caodangyduocsaigon
50%
50%
caodangyduocsaigon,
User Rank: Apprentice
6/1/2018 | 3:39:30 AM
Re: ...and what about Apple?
Renowned security expert Dan Kaminsky says without the details of the flaw out yet, it doesn't make sense to theorize about its ramifications. "I think we shouldn't speculate until the bug is disclosed," Kaminsky says. "Clearly, the notable part of this is whatever it is can't be addressed in microcode."
Ludivina
50%
50%
Ludivina,
User Rank: Strategist
2/3/2018 | 8:28:18 PM
Re: ...and what about IG followers for Apple's?
Well, there were different mentions from different blogs. Can you please tell me where did you found those sentences at?
BowlOfPetunias
50%
50%
BowlOfPetunias,
User Rank: Apprentice
2/1/2018 | 4:54:09 AM
And then what?
Suppose an attacker succeeds in exploiting this. What do they get back? A long string of jumbled text and numbers that looks like it might be a password? How do they know it's a password? How do they know it's all of the password and not cut short? I'm not totally clear how much of a benefit there is to an attacker. Probably not an instant win for the attacker, anyway. Some himan input would be needed from them.
dan91266
50%
50%
dan91266,
User Rank: Strategist
1/31/2018 | 11:04:41 PM
Re: ...and what about Apple?
Still pretfy quiet on 'sploits for this... Calm before the storm, or much ado about othing?
dan91266
50%
50%
dan91266,
User Rank: Strategist
1/19/2018 | 12:57:39 PM
Re: ...and what about IG followers for Apple's?
Another analyst here sumbled across a place called skyfallattack.com.  Could be a wateringhole attack in and of itself, so proceed with caution.   It's been almost 24 hours since it came up and I am thinking that if it were credible it would be HUGE news, but not hearing much. 

As always, take everything with a healthy grain of salt. I am HIGHLY skepticcal but thought it worth mentioning.

A genuine sploit for this would be AWEFUL.  So far though, it seems like all the benfits the hypothetical attack vector brings are more easily achieved other ways.  As in "Click here to claim your prize...

 

Cheers,

Dan91266
BrianN060
100%
0%
BrianN060,
User Rank: Ninja
1/19/2018 | 11:37:40 AM
Re: M/S exploits in the wild?
Reports of weaponized versions of the M/S exploits are not the same as evidence that some attacker has used them, or tried.  As attacks would likely be sophisticated, and against high-value targets; the attacks may have already begun - just not yet noticed. 

We have to consider that any victims might be slow to admit the fact. We also have to consider that existing vulnerabilities, exploits and attack vectors are causing more than enough damage without M/S.  Is there a danger of putting too much focus on, and too many resources defending against, the potential?
dan91266
50%
50%
dan91266,
User Rank: Strategist
1/18/2018 | 9:42:52 PM
Re: ...and what about Apple?
Well one source is finally reporting today that they have seen weaponized versions of these sploits. They claim they cannot release details due to government restrictions or until chip vendors fix this, they are not entirely clear.

No confirmation yet that I have seen from a reliable source of truth so this may just be a really mean watering hole attack of some sort, or it may be the real deal.  If IBM X-Force, Cisco, or Microsoft or other reliable source confirms this... Katie bar the door!

My bet is that if this gets real you are suddenly going to see a prolifertion of non Intel, AMD, ARM custom ASICS with proprietary micro-code become real popular, real quick.  With virtualization technology so good, there is scant reason to run risky hardware, RISCy maybe, but not risky (sorry, couldn'resist the pun). I think the point is valid though, all puns aside.

This could get interesting fast. Wonder what the Rainbow Book/NIST guys have to handle this.  I understand that if you run trusted code (Cert signed code, I think), you are not vulnerable to the 'sploits. But who the heck runs 100% Microsoft signed code?

BTW, you Apple folks could be in the, uh sh*thole (to use a currently popular epithet) also. Lotta Macs on Intel silicon aren't there?

 

Cheers,

Dan S.
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
1/17/2018 | 2:12:14 PM
Re: ...and what about IG followers for Apple's?
I've been listening for the other shoe to drop, too. 

One the one side, exploiting these vulnerabilities seems to require a sophisticated, targeted, attack - indicating a high-value target, and stealth.  On the other, there is a window that will close, as more and better mitigations/solutions are developed and applied - so if they are going to leverage these vulnerabilities, they have to move quickly. 

What attackers could be after is not a quick score, but the prerequisites for a big score at some point in the future.  Could be we won't see signs of a significant exploitation unless and until forensics from that future hit point back to access and assets gained now. 
dan91266
50%
50%
dan91266,
User Rank: Strategist
1/16/2018 | 4:17:46 PM
Re: ...and what about IG followers for Apple's?
Has ANYONE reported an actual threat that uses these exploits?  Seems like this is still pretty theoretical at the moment.  It also looks like some facncy assembler code will be needed to exploit these vulnerabilities, or am I just not getting it?
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
1/4/2018 | 10:20:18 AM
Re: ...and what about Apple?
We'll be reporting more on this today, including about Apple. Stay tuned! thanks.
Page 1 / 2   >   >>


6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading,  10/16/2018
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CA,  10/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Too funny!
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.