CKA Forums
CKA Moderator
PostPosted: Thu Jan 04, 2018 10:03 am
 


From MS-ISAC:

Quote:
TLP: WHITE
MS-ISAC CYBERSECURITY ADVISORY

MS-ISAC ADVISORY NUMBER:
2017-127

DATE(S) ISSUED:
01/04/2018

SUBJECT:
Critical Patches Issued for Microsoft Products, January 03, 2018

OVERVIEW:
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

THREAT INTELLIGENCE:
This out-of-band Microsoft update partially patches the Spectre and Meltdown vulnerabilities but firmware updates are also required. There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEM AFFECTED:
• Microsoft Internet Explorer 11
• Microsoft Edge
• Microsoft Windows: 7, 8.1, 10
• Microsoft Windows Server: 2008, 2008 R2, 2012, 2012 R2, 2016
• Microsoft SQL Server: 2016, 2016 GDR, 2017, 2017 GDR

RISK:
Government:
• Large and medium government entities: High
• Small government entities: Medium
Businesses:
• Large and medium government entities: High
• Small government entities: Medium
Home users: Low

TECHNICAL SUMMARY:
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution.

A full list of all vulnerabilities can be found at the link below:
https://portal.msrc.microsoft.com/en-us ... ce/summary

Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

RECOMMENDATIONS:
We recommend the following actions be taken:
• Apply appropriate patches or appropriate mitigations provided by Microsoft to vulnerable systems immediately after appropriate testing.
• Run all software as a non-privileged user (one without administrative rights) to diminish the effects of a successful attack.
• Remind all users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
• Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.
• Apply the Principle of Least Privilege to all systems and services.

REFERENCES:
Microsoft:
https://portal.msrc.microsoft.com/en-us ... y-guidance
https://portal.msrc.microsoft.com/en-us ... ce/summary


CKA Moderator
PostPosted: Thu Jan 04, 2018 10:25 am
 


Patching this will affect CPU performance by up to 30%.

It also affects things like your cellphone, and patching software will not be 100% effective, as the bug affects pretty much every Intel CPU in the last 20 years and it is hardware based. Even a microcode update won't fix it fully.

Windows 2003, 7/8 users won't be able to patch till Tuesday. Windows 10 should automatically patch tonight, whether you want it to or not.


CKA Moderator
PostPosted: Thu Jan 04, 2018 10:36 am
 


Older computers will be severely impacted and if you use Symantec the Microsoft patches might cause your computer to bluescreen when Symantec tries to scan kernel memory.


CKA Uber
PostPosted: Thu Jan 04, 2018 11:09 am
 


Wow. Good thing I don’t use any of the commercial antivirus programs like that.

I’m amazed such a major bug like this could escape notice for decades like this. From my admittedly basic understanding, this is a pretty significant bug and for it to not get picked up is a real head scratcher.


CKA Uber
PostPosted: Thu Jan 04, 2018 11:19 am
 


Are we talking about this?


Intel knew about the massive security flaws in its chips when its CEO, Brian Krzanich, sold off $24 million in company stock

The sale left Krzanich with the minimum 250,000 stock required by his contract
The plan was put in place just four months after Intel learned of the security bug
The issues, known as Meltdown and Spectre, could affect billions of gadgets
Intel says the sale was planned in advance and has no connection to the flaws


Read more: http://www.dailymail.co.uk/sciencetech/ ... z53F1FHBOT


CKA Moderator
PostPosted: Thu Jan 04, 2018 11:26 am
 


martin14 wrote:
Are we talking about this?


Security through obscurity is what gets us into positions like this. It must be talked about.

Quote:

The issues, known as Meltdown and Spectre, could affect billions of gadgets


Point of order, "Meltdown" is an Intel-only flaw, included in laptops, tablets, servers etc. made since '95.

"Spectre" is a less severe, but similar bug in AMD and ARM processors. Processors like Qualcomm (in many cell phones), or graphics cards, are as yet unaffected.


CKA Moderator
PostPosted: Thu Jan 04, 2018 11:32 am
 


Oh yea, and Krzanich - douche move there.


CKA Moderator
PostPosted: Thu Jan 04, 2018 12:11 pm
 


martin14 wrote:
Are we talking about this?


Intel knew about the massive security flaws in its chips when its CEO, Brian Krzanich, sold off $24 million in company stock

The sale left Krzanich with the minimum 250,000 stock required by his contract
The plan was put in place just four months after Intel learned of the security bug
The issues, known as Meltdown and Spectre, could affect billions of gadgets
Intel says the sale was planned in advance and has no connection to the flaws


Read more: http://www.dailymail.co.uk/sciencetech/ ... z53F1FHBOT


I hope Mr. Krzanich enjoys the food at the Federal Prison he'll be at for the next ten years or so.

