A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site

Alerts

Drupal Security Updates

Drupal has released security updates to address vulnerabilities in Drupal version 7 and 8.  Exploitation of these vulnerabilities could potentially allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Drupal Security Advisory and apply the necessary updates; click here for more information.

Meltdown and Spectre Vulnerability

Date of First Release: 2018-01-03.

Source: Google, National Cybersecurity and Communications Integration Center (NCCIC).

Product affected: 

Modern microprocessors (CPUs) which use speculative execution techniques to optimize performance including AMD, Apple, Arm, Google, Intel, Linux Kernel, Microsoft, Mozilla and other more.

Overview: 

CPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are also referred as Meltdown and Spectre; they do affect most modern processors (CPUs) which use speculative execution technique to optimize performance.

Description:

The vulnerability is due to improper implementation of the speculative execution of instructions by the affected software. This vulnerability can be triggered by utilizing branch target injection. An attacker could exploit this vulnerability by executing arbitrary code and performing a side-channel attack on a targeted system. A successful exploit could allow the attacker to read sensitive memory information, including accessing memory from the CPU cache.

Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, exploitation has been carried out against real software.

Impact:

A successful exploit could allow attacker to execute arbitrary code with user privileges to achieve various impacts on targeted systems including; gaining access to sensitive information, accessing CPU cache memory and weaken kernel-level protections.

Moreover, further findings have revealed gradual systems performance degradation up to 30 percent as well as availability issues in some cloud services.

Solution:

Users and administrators are encouraged to refer to their OS vendors to avail the most recent information and apply patches. However, it has been established that, in some cases, patching may not fully address these vulnerabilities since they exist in CPU architecture rather than in software. In this regard, replacement of the affected processor with the new one may be deemed necessary in the worst case scenario.

Additionally, users and administrators who rely on cloud infrastructure should work with their service providers to mitigate and resolve any impacts resulting from host operating system patching and mandatory rebooting.

References:

  1. https://www.us-cert.gov/ncas/alerts/TA18-004A
  2. https://www.kb.cert.org/vuls/id/584653
  3. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
  4. https://www.jamf.com/jamf-nation/discussions/26646/cpu-hardware-vulnerable-to-side-channel-attacks-meltdown-and-spectre
  5. https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
  6. https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

Vmware Vsphere Data Protection (VDP) Vulnerability

Date of First Release: 10-01-2018

Source: VMware

Product affected:

vSphere Data Protection (VDP) running on the virtual machines Version 6.1.x, 6.0.x and 5.x 

Overview:

VSphere Data Protection (VDP) contains multiple authentication bypass, arbitrary file upload and path traversal vulnerabilities.

Description:

VMware has release security advisory to address three critical vulnerabilities in vSphere Data Protection (VDP). The vulnerabilities contains multiple authentication bypass, arbitrary file upload and path traversal and it affects VDP version 5.x, 6.0.x and 6.1.x.

The authentication bypass vulnerability can allow an unauthenticated malicious user to remotely bypass authentication and gain root access to the affected system,  arbitrary file upload vulnerability can allow a malicious user with access to a low-privileged account to upload malicious files to any location on the server file system and the path traversal vulnerability can allow a malicious user with low privileges to access arbitrary files on the server in the context of the vulnerable application.

Impact:

The exploitation of the aforementioned vulnerabilities could allow a malicious user to take control of the affected system. 

Solution:

User and administrator are advised to review released notes and install recommended patches:

  • VDP version 6.1.x users should replace with or apply patch VDP version 6.1.6;
  • VDP version 6.0.x users should replace with or apply patch VDP version 6.0.7;
  • VDP version 5.x users should replace with or apply patch VDP version 6.0.7.

References

  1. https://www.vmware.com/security/advisories/VMSA-2018-0001.html
  2. http://www.securityweek.com/vmware-patches-critical-flaws-vsphere-data-protection
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15548
  3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15549
  4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15550

Security Updates for Firefox

The Mozilla Foundation has release security update to address vulnerability in Firefox. Exploitation of this vulnerability could allow an attacker to obtain sensitive information.

Users and administrators are encouraged to review the Security Advisory released and apply the necessary updates.

For more information, visit Mozilla Security Advisory

Adobe Security Updates

Adobe has released security updates to address vulnerabilities in its Adobe Experience Manager Solution. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Adobe Security Bulletin and apply the necessary updates.

For more information please visit APSB18-02 and APSB18-04