===================== = End-of-Day report = =====================
Timeframe: Thursday 04-01-2018 18:00 − Friday 05-01-2018 18:00 Handler: Stephan Richter Co-Handler: n/a
===================== = News = =====================
∗∗∗ Google Unveils New Retpoline Coding Technique for Mitigating Spectre Attacks ∗∗∗ --------------------------------------------- Google has published details about a new coding technique created by the company's engineers that any developer can deploy and prevent Spectre attacks. --------------------------------------------- https://www.bleepingcomputer.com/news/google/google-unveils-new-retpoline-co...
∗∗∗ Microsoft could soon be “password free” ∗∗∗ --------------------------------------------- Is it the beginning of the end for passwords? --------------------------------------------- https://nakedsecurity.sophos.com/2018/01/05/microsoft-could-soon-be-password...
∗∗∗ How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws ∗∗∗ --------------------------------------------- [...] An editorial-form article is probably not the best format to give advice, so we're going to present a simple, dumbed-down, step-by-step article on how to get these updates and navigate Microsoft's overly complicated announcement. --------------------------------------------- https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-wind...
∗∗∗ How a researcher hacked his own computer and found worst chip flaw ∗∗∗ --------------------------------------------- FRANKFURT (Reuters) - Daniel Gruss didn’t sleep much the night he hacked his own computer and exposed a flaw in most of the chips made in the past two decades by hardware giant Intel Corp (INTC.O). --------------------------------------------- https://www.reuters.com/article/us-cyber-intel-researcher/how-a-researcher-h...
∗∗∗ Meltdown and Spectre: All Macs and iOS Devices Affected ∗∗∗ --------------------------------------------- Apple has finally commented on the chip flaw in ARM and Intel processors. According to the company, all of its current products are vulnerable; the Apple Watch is not affected by Meltdown. Initial bug fixes exist. --------------------------------------------- https://heise.de/-3934477
∗∗∗ XeroxDay: Zero-Day Vulnerability Found in Xerox Alto!!!1eleven ∗∗∗ --------------------------------------------- The password protection of the 14-inch disks for the Xerox Alto can be bypassed in no time. A fix is not in sight. Production use with sensitive data should therefore be avoided. --------------------------------------------- https://heise.de/-3934443
∗∗∗ Processor Flaws Meltdown and Spectre: Intel and ARM List Affected Processors, Nvidia Still Analyzing ∗∗∗ --------------------------------------------- Affected are, among others, all Intel Core processors back to 2008 as well as a large number of ARM Cortex CPUs. Nvidia believes that the CUDA GPUs are not vulnerable and is still analyzing its Tegra processors. --------------------------------------------- https://heise.de/-3934667
∗∗∗ Trackmageddon: GPS Tracking Services Allow Unauthorized Access ∗∗∗ --------------------------------------------- Security researchers have discovered vulnerabilities in numerous online tracking services that, among other things, allow attackers to retrieve GPS data. A list of the vulnerable services is available online. --------------------------------------------- https://heise.de/-3934328
∗∗∗ Patch Now: Critical Flaws in Dell EMC Data Protection Suite ∗∗∗ --------------------------------------------- Some Dell EMC products are vulnerable to attacks that, in the worst case, allow complete system compromise. Patches are available. --------------------------------------------- https://heise.de/-3935063
===================== = Vulnerabilities = =====================
∗∗∗ DSA-4078 linux - security update ∗∗∗ --------------------------------------------- Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. --------------------------------------------- https://www.debian.org/security/2018/dsa-4078
∗∗∗ Delta Electronics Delta Industrial Automation Screen Editor ∗∗∗ --------------------------------------------- This advisory contains mitigation details for stack-based buffer overflow, use-after-free, out-of-bounds write, and type confusion vulnerabilities in the Delta Electronics Delta Industrial Automation Screen Editor. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-004-01
∗∗∗ Advantech WebAccess ∗∗∗ --------------------------------------------- This advisory contains mitigation details for untrusted pointer dereference, stack-based buffer overflow, path traversal, SQL injection, and improper input validation vulnerabilities in Advantech’s WebAccess products. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02
∗∗∗ Intel-SA-00086 Security Review Cumulative Update ∗∗∗ --------------------------------------------- Intel recently released a security update (Intel-SA-00086), regarding Intel ME 11.x, SPS 4.0, and TXE 3.0 Intel products. The following Firmware are impacted: Intel Management Engine (ME) Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20; Intel Server Platform Services (SPS) Firmware version 4.0; Intel Trusted Execution Engine (TXE) version 3.0. And the following Intel products are affected: 6th, 7th & 8th Generation Intel Core Processor Family; Intel Xeon Processor E3-1200 v5 & v6 Product --------------------------------------------- http://fortiguard.com/psirt/FG-IR-17-271
∗∗∗ VMSA-2018-0003 ∗∗∗ --------------------------------------------- vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2018-0003.html
∗∗∗ Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 ∗∗∗ --------------------------------------------- A new class of issues has been identified in common CPU architectures. The presently known issues could allow unprivileged [...] --------------------------------------------- https://support.citrix.com/article/CTX231399
∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (kernel), CentOS (kernel, libvirt, microcode_ctl, and qemu-kvm), Debian (kernel and xen), Fedora (kernel), Mageia (backintime, erlang, and wildmidi), openSUSE (kernel and ucode-intel), Oracle (kernel, libvirt, microcode_ctl, and qemu-kvm), Red Hat (kernel, kernel-rt, libvirt, microcode_ctl, qemu-kvm, and qemu-kvm-rhev), Scientific Linux (libvirt and qemu-kvm), SUSE (kvm and qemu), and Ubuntu (ruby1.9.1, ruby2.0, ruby2.3). --------------------------------------------- https://lwn.net/Articles/743242/rss
∗∗∗ Three new stable kernels ∗∗∗ --------------------------------------------- Greg Kroah-Hartman has announced the release of the 4.14.12, 4.9.75, and 4.4.110 stable kernels. The bulk of the changes are either to fix the mitigations for Meltdown/Spectre (in 4.14.12) or to backport those mitigations (in the two older kernels). There are apparently known (or suspected) problems with each of the releases, which Kroah-Hartman is hoping to get shaken out in the near term. For example, the 4.4.110 announcement warns: "But be careful, there have been some reports of problems [...] --------------------------------------------- https://lwn.net/Articles/743246/rss
∗∗∗ Bugtraq: SonicWall SonicOS NSA UTM Firewall - Bypass & Persistent Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/541633
∗∗∗ DFN-CERT-2018-0035: Ruby: A Vulnerability Allows the Execution of Arbitrary Program Code ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0035/
∗∗∗ DFN-CERT-2018-0029: Mozilla Firefox, Spectre: Two Vulnerabilities Allow the Disclosure of Information ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0029/
∗∗∗ HPESBHF03803 rev.1 - Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance, Remote Denial of Service and Execution of Code ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_...
∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22011668
∗∗∗ IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM WebSphere Service Registry and Repository (CVE-2016-1000031) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22010680
∗∗∗ IBM Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling B2B Integrator ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22011978
∗∗∗ IBM Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling File Gateway ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22012006
∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by XML External Entity Injection (XXE) attack (CVE-2017-1666) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22011970
∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by SQL injection (CVE-2017-1670) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012009
∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Spoofing through URL Redirection (CVE-2017-1668) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012010
∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by Path Traversal vulnerability (CVE-2017-1671) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22011967
∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by OpenSSH vulnerabilities ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012324
∗∗∗ IBM Security Bulletin: Authenticated Users Can Gain Privilege in IBM UrbanCode Deploy (CVE-2017-1493) ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg2C1000367