SAN FRANCISCO — Hackers took advantage of an Equifax security vulnerability two months after an industry group discoveredVulnerability-related.DiscoverVulnerabilitythe coding flaw and sharedVulnerability-related.PatchVulnerabilitya fix for it , raising questions about why Equifax did n't updateVulnerability-related.PatchVulnerabilityits software successfully when the danger became known . A week after Equifax revealed one of the largest breachesAttack.Databreachof consumers ' private financial data in history — 143 million consumers and accessAttack.Databreachto the credit-card data of 209,000 — the industry group that manages the open source software in which the hack occurred blamed Equifax . `` The Equifax data compromiseAttack.Databreachwas due to ( Equifax 's ) failure to install the security updates providedVulnerability-related.PatchVulnerabilityin a timely manner , '' The Apache Foundation , which oversees the widely-used open source software , said in a statement Thursday . Equifax told USA TODAY late Wednesday the criminals who gained accessAttack.Databreachto its customer data exploitedVulnerability-related.DiscoverVulnerabilitya website application vulnerability known asVulnerability-related.DiscoverVulnerabilityApache Struts CVE-2017-5638 . The vulnerability was patchedVulnerability-related.PatchVulnerabilityon March 7 , the same day it was announcedVulnerability-related.DiscoverVulnerability, The Apache Foundation said . Cybersecurity professionals who lend their free services to the project of open-source software — code that 's shared by major corporations and that 's tested and modified by developers working at hundreds of firms — had shared their discovery with the industry group , making the risk and fix known to any company using the software . Modifications were made on March 10 , according to the National Vulnerability Database . But two months later , hackers took advantage of the vulnerability to enter the credit reporting agency 's systems : Equifax said the unauthorized access began in mid-May . Equifax did not respond to a question Wednesday about whether the patches were appliedVulnerability-related.PatchVulnerability, and if not , why not . `` We continue to work with law enforcement as part of our criminal investigation and have shared indicators of compromise with law enforcement , '' it said . It should have have acted faster to successfully deal with the problem , other cybersecurity professionals said . `` They should have patchedVulnerability-related.PatchVulnerabilityit as soon as possible , not to exceed a week . A typical bank would have patchedVulnerability-related.PatchVulnerabilitythis critical vulnerability within a few days , ” said Pravin Kothari , CEO of CipherCloud , a cloud security company . Federal regulators are now investigating whether Equifax is at fault . The Federal Trade Commission and the Consumer Financial Protection Bureau have said they 've opened probes into the hack . So far dozens of state attorneys general are investigating the breach , and on Tuesday Massachusetts Attorney General Maura Healey said she plans to sue the company for violating state consumer protection laws . More than 23 class-action lawsuits against the company have also been proposed . Proof that Equifax failed to protect customers , particularly when it had the tools and information to do so , is likely to further damage Equifax 's financial outlook . Shares fell 2.5 % Thursday after news of the FTC probe and are down 33 % since it revealed the link .
Intel revealedVulnerability-related.DiscoverVulnerabilitythat it will not be issuingVulnerability-related.PatchVulnerabilitySpectre patches to a number of older Intel processor families , potentially leaving many customers vulnerable to the security exploit . Intel claims the processors affected are mostly implemented as closed systems , so they aren ’ t at risk from the Spectre exploit , and that the age of these processors means they have limited commercial availability . The processors which Intel won ’ t be patchingVulnerability-related.PatchVulnerabilityinclude four lines from 2007 , Penryn , Yorkfield , and Wolfdale , along with Bloomfield ( 2009 ) , Clarksfield ( 2009 ) , Jasper Forest ( 2010 ) and the Intel Atom SoFIA processors from 2015 . According to Tom ’ s Hardware , Intel ’ s decision not to patchVulnerability-related.PatchVulnerabilitythese products could stem from the relative difficulty of patchingVulnerability-related.PatchVulnerabilitythe Spectre exploit on older systems . “ After a comprehensive investigation of the microarchitectures and microcode capabilities for these products , Intel has determined to not releaseVulnerability-related.PatchVulnerabilitymicrocode updates for these products , ” Intel said . Because of the nature of the Spectre exploit , patches for it need to be deliveredVulnerability-related.PatchVulnerabilityas an operating system or BIOS update , and if Microsoft and motherboard OEMs aren ’ t going to distributeVulnerability-related.PatchVulnerabilitythe patches , developingVulnerability-related.PatchVulnerabilitythem isn ’ t much of a priority . “ However , the real reason Intel gave up on patchingVulnerability-related.PatchVulnerabilitythese systems seems to be that neither motherboard makers nor Microsoft may be willing to updateVulnerability-related.PatchVulnerabilitysystems sold a decade ago , ” Tom ’ s Hardware reports . It sounds bad , but as Intel pointed out , these are all relatively old processors — with the exception of the Intel Atom SoFIA processor , which came out in 2015 — and it ’ s unlikely they ’ re used in any high-security environments . The Spectre exploit is a serious security vulnerability to be sure , but as some commentators have pointed out in recent months , it ’ s not the kind of exploit the average user needs to worry about . “ We ’ ve now completed releaseVulnerability-related.PatchVulnerabilityof microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityby Google Project Zero , ” said an Intel spokseperson . “ However , as indicated in our latest microcode revision guidance , we will not be providingVulnerability-related.PatchVulnerabilityupdated microcode for a select number of older platforms for several reasons , including limited ecosystem support and customer feedback. ” If you have an old Penryn processor toiling away in an office PC somewhere , you ’ re probably more at risk for a malware infection arising from a bad download than you are susceptible to something as technically sophisticated as the Spectre or Meltdown vulnerabilities .
Intel has issuedVulnerability-related.PatchVulnerabilityfresh `` microcode revision guidance '' that reveals it won ’ t addressVulnerability-related.PatchVulnerabilitythe Meltdown and Spectre design flaws in all of its vulnerable processors – in some cases because it 's too tricky to remove the Spectre v2 class of vulnerabilities . The new guidance , issued April 2 , adds a “ stopped ” status to Intel ’ s “ production status ” category in its array of available Meltdown and Spectre security updates . `` Stopped '' indicates there will be no microcode patch to kill offVulnerability-related.PatchVulnerabilityMeltdown and Spectre . The guidance explains that a chipset earns “ stopped ” status because , “ after a comprehensive investigation of the microarchitectures and microcode capabilities for these products , Intel has determined to not releaseVulnerability-related.PatchVulnerabilitymicrocode updates for these products for one or more reasons. ” Those reasons are given as : Micro-architectural characteristics that preclude a practical implementation of features mitigatingVulnerability-related.PatchVulnerability[ Spectre ] Variant 2 ( CVE-2017-5715 ) Limited Commercially Available System Software support Based on customer inputs , most of these products are implemented as “ closed systems ” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities . Thus , if a chip family falls under one of those categories – such as Intel ca n't easily fixVulnerability-related.PatchVulnerabilitySpectre v2 in the design , or customers do n't think the hardware will be exploitedVulnerability-related.DiscoverVulnerability– it gets a `` stopped '' sticker . To leverage the vulnerabilities , malware needs to be running on a system , so if the computer is totally closed off from the outside world , administrators may feel it 's not worth the hassle applying messy microcode , operating system , or application updates . `` Stopped '' CPUs that won ’ t therefore getVulnerability-related.PatchVulnerabilitya fix are in the Bloomfield , Bloomfield Xeon , Clarksfield , Gulftown , Harpertown Xeon C0 and E0 , Jasper Forest , Penryn/QC , SoFIA 3GR , Wolfdale , Wolfdale Xeon , Yorkfield , and Yorkfield Xeon families . The new list includes various Xeons , Core CPUs , Pentiums , Celerons , and Atoms – just about everything Intel makes . Most the CPUs listed above are oldies that went on sale between 2007 and 2011 , so it is likely few remain in normal use . There ’ s some good news in the tweaked guidance : the Arrandale , Clarkdale , Lynnfield , Nehalem , and Westmere families that were previously un-patchedVulnerability-related.PatchVulnerabilitynow have working fixes availableVulnerability-related.PatchVulnerabilityin production , apparently . “ We ’ ve now completed releaseVulnerability-related.PatchVulnerabilityof microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityby Google Project Zero , '' an Intel spokesperson told The Reg . `` However , as indicated in our latest microcode revision guidance , we will not be providingVulnerability-related.PatchVulnerabilityupdated microcode for a select number of older platforms for several reasons , including limited ecosystem support and customer feedback. ” Now all Intel has to do is sort out a bunch of lawsuits , make sure future products don ’ t have similar problems , combat a revved-up-and-righteous AMD and Qualcomm in the data centre , find a way to get PC buyers interested in new kit again , and make sure it doesn ’ t flub emerging markets like IoT and 5G like it flubbed the billion-a-year mobile CPU market .
It was starting to feel like Intel was overdue for serious Management Engine ( ME ) vulnerabilities . But this week , researchers at Positive Technologies revealedVulnerability-related.DiscoverVulnerabilitya new security flaw in the subsystem that could let attackers compromise its MFS file system . Intel has releasedVulnerability-related.PatchVulnerabilityupdates to addressVulnerability-related.PatchVulnerabilitythe problem , though , so Intel CPU owners should make sure their firmware is up-to-date . ME has become a repeated source of problems for Intel and its customers . The utility is a chip-on-a-chip that allows IT managers to remotely access company PCs with tools like Intel 's Active Management Technology ( AMT ) . ME has its own network interface , memory , operating system and file system ( MFS ) that are kept separate from the main system in a bid to prevent it from allowing hackers to access ostensibly secure information . The problem is that researchers have discoveredVulnerability-related.DiscoverVulnerabilitynumerous vulnerabilities in ME over the last few years ; Positive Technologies revealedVulnerability-related.DiscoverVulnerabilityone in 2017 that allowed full takeover of ME via USB ( it 's since been fixedVulnerability-related.PatchVulnerability) . Now , it 's revealedVulnerability-related.DiscoverVulnerabilityanother one that allows someone with physical access to a system to compromise ME and `` manipulate the state of MFS and extract important secrets '' with the ability to `` add files , delete files and change their protection attributes . '' Positive Technologies said the attack can be used to learn four keys MFS uses to secure data -- the Intel Integrity Key , Non-Intel Integrity Key , Intel Confidentiality Key and Non-Intel Confidentiality Key -- that were supposed to be protected via a firmware update Intel releasedVulnerability-related.PatchVulnerabilityin 2017 . Positive Technologies explained how someone with physical access to the system could bypass that patch to compromise those keys in its blog post : `` Positive Technologies expert Dmitry Sklyarov discoveredVulnerability-related.DiscoverVulnerabilityvulnerability CVE-2018-3655 , described in advisory Intel-SA-00125 . He found that Non-Intel Keys are derived from two values : the SVN and the immutable non-Intel root secret , which is unique to each platform . By using an earlier vulnerability to enable the JTAG debugger , it was possible to obtain the latter value . Knowing the immutable root secret enables calculating the values of both Non-Intel Keys even in the newer firmware version . ... Attackers could calculate the Non-Intel Integrity Key and Non-Intel Confidentiality Key for firmware that has the updated SVN value and therefore compromise the MFS security mechanisms that rely on these keys . '' Intel releasedVulnerability-related.PatchVulnerabilitythe Intel-SA-00125 firmware update to defend against this vulnerability on September 11 . But this is another point in favor of companies questioning -- or outright banning -- the use of ME in their systems . Purism avoids ME and the services it enables in its privacy-focused Librem notebooks , Google is working to remove ME from the Intel processors it uses and previous security flaws have raised concerns among consumers .
Mozilla releasedVulnerability-related.PatchVulnerabilitynine fixes in its Wednesday launch of Firefox 62 for Windows , Mac and Android – including one for a critical glitch that could enable attackers to run arbitrary code . Overall , the latest version of the Firefox browser includedVulnerability-related.PatchVulnerabilityfixes for the critical issue , three high-severity flaws , two moderate problems and three low-severity vulnerabilities . Topping the list is a memory safety bug ( CVE-2018-12376 ) , discoveredVulnerability-related.DiscoverVulnerabilityby a number of Mozilla developers and community members . A critical impact bug means the vulnerability can be used to run attacker code and install software , requiring no user interaction beyond normal browsing , according to Mozilla . The memory safety problem , which exists inVulnerability-related.DiscoverVulnerabilityFirefox 61 and Firefox ESR 60 , meets these criteria , researchers saidVulnerability-related.DiscoverVulnerability. Mozilla didn ’ t release further details , but it did assign one CVEVulnerability-related.DiscoverVulnerabilityto represent multiple similar issues . In addition to the memory safety bug ( s ) , Mozilla also fixedVulnerability-related.PatchVulnerabilitythree high-severity vulnerabilities in its latest update . These include a use-after-free glitch in refresh driver timers ( CVE-2018-12377 ) , which power browser-page refreshes . Another high-severity bug ( CVE-2018-12378 ) is a use-after-free vulnerability that occursVulnerability-related.DiscoverVulnerabilitywhen an IndexedDB index ( a low-level API for client-side storage of significant amounts of structured data ) is deleted while still in use by JavaScript code providing payload values . “ This results in a potentially exploitable crash , ” the advisory said . Mozilla developers and community members also foundVulnerability-related.DiscoverVulnerabilitya memory-safety bug ( CVE-2018-12375 ) in Firefox 61 , which showed evidence of memory corruption and could be exploitedVulnerability-related.DiscoverVulnerabilityto run arbitrary code , according to the advisory . The moderate and low-severity fixes that were deployedVulnerability-related.PatchVulnerabilityin Firefox 62 include patches for an out-of-bounds write flaw ( triggered when the Mozilla Updater opens a MAR format file that contains a very long item filename ) ; and a proxy bypass glitch in the browser ’ s proxy settings . Firefox 62 for desktop is availableVulnerability-related.PatchVulnerabilityfor download on Mozilla ’ s website .
Tavis Ormandy , a Google Project Zero security researcher , has revealedVulnerability-related.DiscoverVulnerabilitydetails about a new major vulnerability discoveredVulnerability-related.DiscoverVulnerabilityin Ghostscript , an interpreter for Adobe 's PostScript and PDF page description languages . Ghostscript is by far the most widely used solution of its kind . The Ghostscript interpreter is embedded in hundreds of software suites and coding libraries that allow desktop software and web servers to handle PostScript and PDF-based documents . Exploiting the bug Ormandy discoveredVulnerability-related.DiscoverVulnerabilityrequires that an attacker sends a malformed PostScript , PDF , EPS , or XPS file to a victim . Once the file reaches the Ghostscript interpreter , the malicious code contained within will execute an attacker 's desired on that machine . The vulnerability , which has not received a CVEVulnerability-related.DiscoverVulnerabilityidentifier just yet , allows an attacker to take over applications and servers that use vulnerable versions of Ghostscript . At the time of writing , there is no fix availableVulnerability-related.PatchVulnerability. By far , the most affected projects are the ImageMagick image processing library , but also many Linux distros where this library ships by default . RedHat and Ubuntu have already confirmed they are affected , according to a CERT/CC security advisory released today . `` I * strongly * suggest that [ Linux ] distributions start disabling PS , EPS , PDF and XPS coders in [ ImageMagick 's ] policy.xml by default , '' Ormandy said . Because of Ghostscript 's broad adoption in the web dev and software dev communities , Ormandy has had his eyes set on Ghostscript for the past few years . He discoveredVulnerability-related.DiscoverVulnerabilitysimilar high severity issues affectingVulnerability-related.DiscoverVulnerabilityGhostscript in 2016 and again in 2017 . The vulnerability he foundVulnerability-related.DiscoverVulnerabilityin 2017 —CVE-2017-8291— was adopted by North Korean hackers , who used it to break into South Korean cryptocurrency exchanges , steal funds , and later plant false flags in an attempt to pin the hacks on Chinese-speaking threat actors . Because of Ghostscript 's wide adoption , any bugs , and especially those that lead to remote code execution , are highly sought-after by any threat actor .
Tavis Ormandy , a Google Project Zero security researcher , has revealedVulnerability-related.DiscoverVulnerabilitydetails about a new major vulnerability discoveredVulnerability-related.DiscoverVulnerabilityin Ghostscript , an interpreter for Adobe 's PostScript and PDF page description languages . Ghostscript is by far the most widely used solution of its kind . The Ghostscript interpreter is embedded in hundreds of software suites and coding libraries that allow desktop software and web servers to handle PostScript and PDF-based documents . Exploiting the bug Ormandy discoveredVulnerability-related.DiscoverVulnerabilityrequires that an attacker sends a malformed PostScript , PDF , EPS , or XPS file to a victim . Once the file reaches the Ghostscript interpreter , the malicious code contained within will execute an attacker 's desired on that machine . The vulnerability , which has not received a CVEVulnerability-related.DiscoverVulnerabilityidentifier just yet , allows an attacker to take over applications and servers that use vulnerable versions of Ghostscript . At the time of writing , there is no fix availableVulnerability-related.PatchVulnerability. By far , the most affected projects are the ImageMagick image processing library , but also many Linux distros where this library ships by default . RedHat and Ubuntu have already confirmed they are affected , according to a CERT/CC security advisory released today . `` I * strongly * suggest that [ Linux ] distributions start disabling PS , EPS , PDF and XPS coders in [ ImageMagick 's ] policy.xml by default , '' Ormandy said . Because of Ghostscript 's broad adoption in the web dev and software dev communities , Ormandy has had his eyes set on Ghostscript for the past few years . He discoveredVulnerability-related.DiscoverVulnerabilitysimilar high severity issues affectingVulnerability-related.DiscoverVulnerabilityGhostscript in 2016 and again in 2017 . The vulnerability he foundVulnerability-related.DiscoverVulnerabilityin 2017 —CVE-2017-8291— was adopted by North Korean hackers , who used it to break into South Korean cryptocurrency exchanges , steal funds , and later plant false flags in an attempt to pin the hacks on Chinese-speaking threat actors . Because of Ghostscript 's wide adoption , any bugs , and especially those that lead to remote code execution , are highly sought-after by any threat actor .
Tavis Ormandy , a Google Project Zero security researcher , has revealedVulnerability-related.DiscoverVulnerabilitydetails about a new major vulnerability discoveredVulnerability-related.DiscoverVulnerabilityin Ghostscript , an interpreter for Adobe 's PostScript and PDF page description languages . Ghostscript is by far the most widely used solution of its kind . The Ghostscript interpreter is embedded in hundreds of software suites and coding libraries that allow desktop software and web servers to handle PostScript and PDF-based documents . Exploiting the bug Ormandy discoveredVulnerability-related.DiscoverVulnerabilityrequires that an attacker sends a malformed PostScript , PDF , EPS , or XPS file to a victim . Once the file reaches the Ghostscript interpreter , the malicious code contained within will execute an attacker 's desired on that machine . The vulnerability , which has not received a CVEVulnerability-related.DiscoverVulnerabilityidentifier just yet , allows an attacker to take over applications and servers that use vulnerable versions of Ghostscript . At the time of writing , there is no fix availableVulnerability-related.PatchVulnerability. By far , the most affected projects are the ImageMagick image processing library , but also many Linux distros where this library ships by default . RedHat and Ubuntu have already confirmed they are affected , according to a CERT/CC security advisory released today . `` I * strongly * suggest that [ Linux ] distributions start disabling PS , EPS , PDF and XPS coders in [ ImageMagick 's ] policy.xml by default , '' Ormandy said . Because of Ghostscript 's broad adoption in the web dev and software dev communities , Ormandy has had his eyes set on Ghostscript for the past few years . He discoveredVulnerability-related.DiscoverVulnerabilitysimilar high severity issues affectingVulnerability-related.DiscoverVulnerabilityGhostscript in 2016 and again in 2017 . The vulnerability he foundVulnerability-related.DiscoverVulnerabilityin 2017 —CVE-2017-8291— was adopted by North Korean hackers , who used it to break into South Korean cryptocurrency exchanges , steal funds , and later plant false flags in an attempt to pin the hacks on Chinese-speaking threat actors . Because of Ghostscript 's wide adoption , any bugs , and especially those that lead to remote code execution , are highly sought-after by any threat actor .
Microsoft has publishedVulnerability-related.PatchVulnerabilitya patch for an Outlook vulnerability first reportedVulnerability-related.DiscoverVulnerabilityin late 2016 , but the patch has been deemedVulnerability-related.PatchVulnerabilityincomplete and additional workarounds are needed , according to the security researcher who discoveredVulnerability-related.DiscoverVulnerabilityit . Yesterday 's April 2018 Patch Tuesday updates train included a fix for CVE-2018-0950 , a vulnerability in Microsoft Outlook discoveredVulnerability-related.DiscoverVulnerabilityby Will Dormann , a vulnerability analyst at the CERT Coordination Center ( CERT/CC ) . Outlook retrieves remote OLE content without prompting According to Dormann , the main problem with CVE-2018-0950 is that Microsoft Outlook will automatically render the content of remote OLE objects embedded inside rich formatted emails without prompting the user , something that Microsoft does in other Office apps such as Word , Excel , and PowerPoint . This leads to a slew of problems that come from automatically rendering OLE objects , a common attack vector for malware authors . Microsoft patches SMB attack vector only In a CERT/CC vulnerability note , Dormann says he notified Microsoft of Outlook 's propensity for loading OLE objects without alerting users in November 2016 . After almost 18 months , the company finally issuedVulnerability-related.PatchVulnerabilitya patch for the reported issue , but Dormann says the patch does not addressVulnerability-related.PatchVulnerabilitythe problem at the core of the issue . According to Microsoft , the CVE-2018-0950 patch deliveredVulnerability-related.PatchVulnerabilityyesterday only blocks Outlook from initiating SMB connections when previewing rich formatted emails . Dormann points out that Outlook still does not prompt user for permission to render OLE objects for email previews . Furthermore , the researcher also highlights that there are other ways of obtaining the NTLM hashes , such as embedding UNC links to SMB servers inside the email , links that Outlook will automatically make clickable . `` If a user clicks such a link , the impact will be the same as with this vulnerability , '' Dormann says . But even this incomplete patch is good news . This means that while Outlook will continue to render OLE objects inside email previews , at least these objects ca n't be used to steal NTLM hashes via SMB anymore . To avoid attackers from getting their hands on NTLM hashes via SMB altogether , the expert recommends that system administrators apply additional OS-level workarounds ,
Microsoft has publishedVulnerability-related.PatchVulnerabilitya patch for an Outlook vulnerability first reportedVulnerability-related.DiscoverVulnerabilityin late 2016 , but the patch has been deemedVulnerability-related.PatchVulnerabilityincomplete and additional workarounds are needed , according to the security researcher who discoveredVulnerability-related.DiscoverVulnerabilityit . Yesterday 's April 2018 Patch Tuesday updates train included a fix for CVE-2018-0950 , a vulnerability in Microsoft Outlook discoveredVulnerability-related.DiscoverVulnerabilityby Will Dormann , a vulnerability analyst at the CERT Coordination Center ( CERT/CC ) . Outlook retrieves remote OLE content without prompting According to Dormann , the main problem with CVE-2018-0950 is that Microsoft Outlook will automatically render the content of remote OLE objects embedded inside rich formatted emails without prompting the user , something that Microsoft does in other Office apps such as Word , Excel , and PowerPoint . This leads to a slew of problems that come from automatically rendering OLE objects , a common attack vector for malware authors . Microsoft patches SMB attack vector only In a CERT/CC vulnerability note , Dormann says he notified Microsoft of Outlook 's propensity for loading OLE objects without alerting users in November 2016 . After almost 18 months , the company finally issuedVulnerability-related.PatchVulnerabilitya patch for the reported issue , but Dormann says the patch does not addressVulnerability-related.PatchVulnerabilitythe problem at the core of the issue . According to Microsoft , the CVE-2018-0950 patch deliveredVulnerability-related.PatchVulnerabilityyesterday only blocks Outlook from initiating SMB connections when previewing rich formatted emails . Dormann points out that Outlook still does not prompt user for permission to render OLE objects for email previews . Furthermore , the researcher also highlights that there are other ways of obtaining the NTLM hashes , such as embedding UNC links to SMB servers inside the email , links that Outlook will automatically make clickable . `` If a user clicks such a link , the impact will be the same as with this vulnerability , '' Dormann says . But even this incomplete patch is good news . This means that while Outlook will continue to render OLE objects inside email previews , at least these objects ca n't be used to steal NTLM hashes via SMB anymore . To avoid attackers from getting their hands on NTLM hashes via SMB altogether , the expert recommends that system administrators apply additional OS-level workarounds ,
IBM has discoveredVulnerability-related.DiscoverVulnerability17 zero-day vulnerabilities in smart city systems which could debilitate core services . At the Black Hat conference in Las Vegas on Monday , the cybersecurity firm 's X-Force Red team of penetration testers and hackers demonstrated how old-school threats are placing the cities of the future at risk in the present day . Smart city technology spending is predicted to hit $ 80 billion this year and become as high as $ 135 billion by 2021 . Water and filtration systems , smart lighting , traffic controllers , utilities , and more all become intertwined in smart cities , which aim to make urban living more energy efficient , eco-friendly , and manageable . However , connecting all of these critical elements can have devastating effects should something go wrong -- such as a successful cyberattack . We 've already seen the damage which can be caused when threat actors target core country systems , such as in the case of Ukraine 's power grid , and unless security is considered every step of the way , every future city will be placed at similar levels of risk . Together with researchers from Threatcare , IBM X-Force Red discoveredVulnerability-related.DiscoverVulnerabilitythat smart city systems developed by Libelium , Echelon and Battelle were vulnerableVulnerability-related.DiscoverVulnerabilityto attack . Libelium is a wireless sensor network hardware manufacturer , while Echelon specializes in industrial IoT , and non-profit Battelle develops and commercializes related technologies . According to IBM X-Force Red researcher Daniel Crowley , out of the 17 previously-unknown vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityin systems used in four smart cities , eight are deemed critical in severity . Unfortunately , many of the bugs were due to poor , lax security practices -- such as the use of default passwords , authentication bypass , and SQL injections . In total , the researchers uncoveredVulnerability-related.DiscoverVulnerabilityfour instances of critical pre-authentication shell injection flaws in Libelium 's wireless sensor network , Meshlium .
IBM has discoveredVulnerability-related.DiscoverVulnerability17 zero-day vulnerabilities in smart city systems which could debilitate core services . At the Black Hat conference in Las Vegas on Monday , the cybersecurity firm 's X-Force Red team of penetration testers and hackers demonstrated how old-school threats are placing the cities of the future at risk in the present day . Smart city technology spending is predicted to hit $ 80 billion this year and become as high as $ 135 billion by 2021 . Water and filtration systems , smart lighting , traffic controllers , utilities , and more all become intertwined in smart cities , which aim to make urban living more energy efficient , eco-friendly , and manageable . However , connecting all of these critical elements can have devastating effects should something go wrong -- such as a successful cyberattack . We 've already seen the damage which can be caused when threat actors target core country systems , such as in the case of Ukraine 's power grid , and unless security is considered every step of the way , every future city will be placed at similar levels of risk . Together with researchers from Threatcare , IBM X-Force Red discoveredVulnerability-related.DiscoverVulnerabilitythat smart city systems developed by Libelium , Echelon and Battelle were vulnerableVulnerability-related.DiscoverVulnerabilityto attack . Libelium is a wireless sensor network hardware manufacturer , while Echelon specializes in industrial IoT , and non-profit Battelle develops and commercializes related technologies . According to IBM X-Force Red researcher Daniel Crowley , out of the 17 previously-unknown vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityin systems used in four smart cities , eight are deemed critical in severity . Unfortunately , many of the bugs were due to poor , lax security practices -- such as the use of default passwords , authentication bypass , and SQL injections . In total , the researchers uncoveredVulnerability-related.DiscoverVulnerabilityfour instances of critical pre-authentication shell injection flaws in Libelium 's wireless sensor network , Meshlium .
As part of Microsoft 's monthly Patch Tuesday updates , a critical flaw in Windows has been patchedVulnerability-related.PatchVulnerabilitythat is actively being exploitedVulnerability-related.DiscoverVulnerability. A vulnerability in the VBScript engine allowed for a zero-day exploit to infect machines by opening specially crafted scripts that can corrupt memory leading to the opportunity for arbitrary code execution . In a web-based attack , specially designed web pages could exploit the same vulnerability when using Internet Explorer . Embedding AcitveX controls that were marked `` safe for initialization '' inside of a Microsoft Office document also allowed for unsafe code to be executed since the IE rendering engine is used . One of the more interesting parts of the attack is that it does not matter what a user 's default browser is . When using VBScript , it is possible to force a web page to be loaded using Internet Explorer even if Chrome , FireFox , Safari , Opera or another browser is set to default . This particular vulnerability has been foundVulnerability-related.DiscoverVulnerabilityin use and affectsVulnerability-related.DiscoverVulnerabilityWindows 7 and Windows Server 2008 and newer . Kasperksy Lab has provided a fairly detailed analysis of how the exploit functions . In short , a statement from their security researchers says it all . `` We expect this vulnerability to become one of the most exploited in the near future , as it won ’ t be long until exploit kit authors start abusing it in both drive-by ( via browser ) and spear-phishingAttack.Phishing( via document ) campaigns . '' In addition to the VBScript flaw discoveredVulnerability-related.DiscoverVulnerabilityand patchedVulnerability-related.PatchVulnerability, Microsoft has also patchedVulnerability-related.PatchVulnerabilitya privilege escalation vulnerability . A failure of the Win32k component allows for arbitrary code to be executed in kernel mode . This allows for a standard user account to obtain full system access , although it should be noted that a user must be logged in already to perform the exploit . In this case , both exploits have been patchedVulnerability-related.PatchVulnerabilitybut that does not mean end users and administrators are going to patchVulnerability-related.PatchVulnerabilitytheir systems in a timely manner . It is advised to manually check for updates to verify that all of the latest patches are installed . In total , 67 updates were issuedVulnerability-related.PatchVulnerabilitysolving 21 critically rated vulnerabilities .
Kubernetes has12 become the most popular cloud container orchestration system by far , so it was only a matter of time until its first major security hole was discoveredVulnerability-related.DiscoverVulnerability. And the bug , CVE-2018-1002105 , aka the Kubernetes privilege escalation flaw , is a doozy . It 's a CVSS 9.8 critical security hole . With a specially crafted network request , any user can establish a connection through the Kubernetes application programming interface ( API ) server to a backend server . Once established , an attacker can send arbitrary requests over the network connection directly to that backend . Adding insult to injury , these requests are authenticated with the Kubernetes API server 's Transport Layer Security ( TLS ) credentials . Worse still , `` In default configurations , all users ( authenticated and unauthenticated ) are allowed to perform discovery API calls that allow this escalation . '' So , yes , anyone who knows about this hole can take command of your Kubernetes cluster . Oh , and for the final jolt of pain : `` There is no simple way to detect whether this vulnerability has been used . Because the unauthorized requests are made over an established connection , they do not appear in the Kubernetes API server audit logs or server log . The requests do appear in the kubelet or aggregated API server logs , but are indistinguishable from correctly authorized and proxied requests via the Kubernetes API server . '' In other words , Red Hat said , `` The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod . This is a big deal . Not only can this actor stealAttack.Databreachsensitive data or inject malicious code , but they can also bring down production applications and services from within an organization 's firewall . '' The only real fix is to upgradeVulnerability-related.PatchVulnerabilityKubernetes . Any program , which includes Kubernetes , is vulnerable . Kubernetes distributors are already releasingVulnerability-related.PatchVulnerabilityfixes . Red Hat reports all its `` Kubernetes-based services and products -- including Red Hat OpenShift Container Platform , Red Hat OpenShift Online , and Red Hat OpenShift Dedicated -- are affected . '' Red Hat has begun deliveringVulnerability-related.PatchVulnerabilitypatches and service updates to affected users . As far as anyone knows , no one has used the security hole to attack anyone yet . Darren Shepard , chief architect and co-founder at Rancher Labs , discoveredVulnerability-related.DiscoverVulnerabilitythe bug and reportedVulnerability-related.DiscoverVulnerabilityit using the Kubernetes vulnerability reporting processVulnerability-related.DiscoverVulnerability. But -- and it 's a big but -- abusing the vulnerability would have left no obvious traces in the logs . And , now that news of the Kubernetes privilege escalation flaw is out , it 's only a matter of time until it 's abused . So , once more and with feeling , upgrade your Kubernetes systems now before your company ends up in a world of trouble .
AMD has acknowledgedVulnerability-related.DiscoverVulnerabilitythe Ryzenfall vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityby CTS-Labs , though the chip company believes the flaws can be patchedVulnerability-related.PatchVulnerabilityvia BIOS updates issuedVulnerability-related.PatchVulnerabilityover the next few weeks . In a blog post authored by AMD ’ s chief technical officer , Mark Papermaster , AMD confirmed that the four broad classifications of attacks—Masterkey , Ryzenfall , Fallout , and Chimera—are viable , though they require administrative access to the PC or server in question . Third-party protection , such as Microsoft Windows Credential Guard , also serve to block unauthorized administrative access , Papermaster wrote . In any event , “ any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research , ” AMD ’ s Papermaster added . But AMD also provided the answer to consumers ’ most pressing question : What , if anything , needs to be done ? For each of the first three classifications of vulnerabilities , AMD said it is working on firmware updates that the company plans to releaseVulnerability-related.PatchVulnerabilityduring the coming weeks . The fourth category of vulnerability , known as Chimera , affectedVulnerability-related.DiscoverVulnerabilitythe Promontory chipset , which CTS-Labs said was designed with logic supplied by ASMedia , a third-party vendor . While AMD said patches for that will also be releasedVulnerability-related.PatchVulnerabilityvia a BIOS update , the company said it is working with the Promontory chipset maker on developingVulnerability-related.PatchVulnerabilitythe mitigations , rather than supplying its own . AMD has neither confirmed nor denied whether the attacks can be executed remotely , or require local access . AMD did deny , however , that the attacks have anything to do with Meltdown or Spectre , the two side-channel attacks that rival Intel has worked to patchVulnerability-related.PatchVulnerability. About a week ago , CTS-Labs issued a press release as well as a website outlining the vulnerabilities , which the company provided to AMD less than 24 hours before CTS-Labs went public , AMD said . But CTS-Labs also drew fire over boilerplate copy on its website that implied a potential financial interest in the subjects of its reports . PCWorld attempted to interview CTS executives , but later rescinded that request after CTS-Labs representatives demanded a list of questions in advance , and also forbade us from asking about the timing and the company ’ s financial motivations . In the meantime , however , the vulnerabilities were confirmedVulnerability-related.DiscoverVulnerabilityby two independent researchers , Trail of Bits and Check Point . Both expressed doubts that attackers would be able to exploit the vulnerabilities that CTS-Labs had originally discoveredVulnerability-related.DiscoverVulnerability.
AMD has acknowledgedVulnerability-related.DiscoverVulnerabilitythe Ryzenfall vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityby CTS-Labs , though the chip company believes the flaws can be patchedVulnerability-related.PatchVulnerabilityvia BIOS updates issuedVulnerability-related.PatchVulnerabilityover the next few weeks . In a blog post authored by AMD ’ s chief technical officer , Mark Papermaster , AMD confirmed that the four broad classifications of attacks—Masterkey , Ryzenfall , Fallout , and Chimera—are viable , though they require administrative access to the PC or server in question . Third-party protection , such as Microsoft Windows Credential Guard , also serve to block unauthorized administrative access , Papermaster wrote . In any event , “ any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research , ” AMD ’ s Papermaster added . But AMD also provided the answer to consumers ’ most pressing question : What , if anything , needs to be done ? For each of the first three classifications of vulnerabilities , AMD said it is working on firmware updates that the company plans to releaseVulnerability-related.PatchVulnerabilityduring the coming weeks . The fourth category of vulnerability , known as Chimera , affectedVulnerability-related.DiscoverVulnerabilitythe Promontory chipset , which CTS-Labs said was designed with logic supplied by ASMedia , a third-party vendor . While AMD said patches for that will also be releasedVulnerability-related.PatchVulnerabilityvia a BIOS update , the company said it is working with the Promontory chipset maker on developingVulnerability-related.PatchVulnerabilitythe mitigations , rather than supplying its own . AMD has neither confirmed nor denied whether the attacks can be executed remotely , or require local access . AMD did deny , however , that the attacks have anything to do with Meltdown or Spectre , the two side-channel attacks that rival Intel has worked to patchVulnerability-related.PatchVulnerability. About a week ago , CTS-Labs issued a press release as well as a website outlining the vulnerabilities , which the company provided to AMD less than 24 hours before CTS-Labs went public , AMD said . But CTS-Labs also drew fire over boilerplate copy on its website that implied a potential financial interest in the subjects of its reports . PCWorld attempted to interview CTS executives , but later rescinded that request after CTS-Labs representatives demanded a list of questions in advance , and also forbade us from asking about the timing and the company ’ s financial motivations . In the meantime , however , the vulnerabilities were confirmedVulnerability-related.DiscoverVulnerabilityby two independent researchers , Trail of Bits and Check Point . Both expressed doubts that attackers would be able to exploit the vulnerabilities that CTS-Labs had originally discoveredVulnerability-related.DiscoverVulnerability.
EOS has tweeted to confirm that it has patchedVulnerability-related.PatchVulnerability“ most ” of the reported bugs and is “ working hard ” on the remainder . It expects the mainnet launch to stay on schedule . Qihoo 360 , a China-based internet security firm , says it has notifiedVulnerability-related.DiscoverVulnerabilitythe EOS blockchain project about “ a series of epic vulnerabilities ” discoveredVulnerability-related.DiscoverVulnerabilityon its platform . The firm said in a Tuesday reportVulnerability-related.DiscoverVulnerabilitythat loopholes foundVulnerability-related.DiscoverVulnerabilityin the EOS platform could expose nodes on the network to attackers , giving them the ability to execute code remotely and take “ full control ” of transactions . The firm claims that such an attack could potentially “ decimate ” the entire cryptocurrency network . Qihoo 360 went on to explain that bad actors would be able to attack the network by constructing and publishing smart contracts containing malicious code on the EOS mainnet and have EOS supernodes pack them into new blocks . Subsequently the code would affect all nodes on the network , including those of cryptocurrency wallets and exchanges , letting the attackers gain control of private keys to cryptocurrency transactions . While EOS has not yet made any public comment on the issue , Qihoo 360 said in another blog update that the project ’ s lead developer , Daniel Larimer , was notifiedVulnerability-related.DiscoverVulnerabilityof the issues and that he has since saidVulnerability-related.DiscoverVulnerabilitythe vulnerabilities – identified as issue number 3498 on Github – have been fixedVulnerability-related.PatchVulnerability. “ If any of these asserts trigger in release it shouldn ’ t pass , but should throw . Allowing the code to continue running in release is a potential security vulnerability and will likely result in crashes elsewhere , ” Larimer wrote on the Github page . Meanwhile , Larimer has today appealed for more external assistance in identifyingVulnerability-related.DiscoverVulnerabilitycritical bugs in the system with the project ’ s mainnet launch just days away .
Merely a day after rolling outVulnerability-related.PatchVulnerabilitythe December 2018 security patch early , Samsung has now revealedVulnerability-related.PatchVulnerabilitythe details of the latest security maintenance release . The Galaxy Xcover 4 is the first smartphone to getVulnerability-related.PatchVulnerabilitythis update . Samsung will be releasingVulnerability-related.PatchVulnerabilitythe patch for more compatible devices in the coming weeks . It has detailed the contents of this patch as part of its monthly security maintenance release process . The update includes patches from Google for Android in addition to patches from Samsung for its custom software . The December 2018 security patch has fixes for six critical vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityin the Android operating system . The most severe vulnerability in the framework section could enable a malicious app to run unapproved code in the context of a privileged process . However , no moderate or low-risk vulnerabilities were required to be patchedVulnerability-related.PatchVulnerabilityin this latest security maintenance release . The updateVulnerability-related.PatchVulnerabilitydoes bringVulnerability-related.PatchVulnerabilityquite a patches for 40 Samsung Vulnerabilities and Exposures ( SVE ) items . This includes a vulnerability in the Secure Folder app which could have allowed access without authentication . Another vulnerability in the app could have resulted in the exposure of the gallery app without authentication . Therefore , Samsung will now get down to the business of rolling outVulnerability-related.PatchVulnerabilitythe December 2018 security patch to supported devices . We should expect some handsets to start receiving it within the next few days . The company may start rolling it out to high-end devices first .
Adobe has releasedVulnerability-related.PatchVulnerabilityupdates fixingVulnerability-related.PatchVulnerabilitya long list of security vulnerabilities discoveredVulnerability-related.DiscoverVulnerabilityin the Mac and Windows versions of Acrobat and Reader . In total , the first October update brings 85 CVEs , including 47 rated as ‘ critical ’ with the remaining 39 classified as ‘ important ’ . It ’ s too early to get much detail on the flaws but those rated critical break down as 46 allowing code execution and one allowing privilege escalation . The majority of the flaws rated important involve out-of-bounds read issues leading to information disclosure . As far as Adobe is aware , none are being actively exploited . The update you should download depends on which version you have installed : For most Windows or Mac users it ’ ll be either Acrobat DC ( the paid version ) or Acrobat Reader DC ( free ) so look for update version 2019.008.20071 . For anyone on the classic Acrobat 2017 or Acrobat Reader DC 2017 , it ’ s version 2017.011.30105 . Those on the even more classic Acrobat DC ( 2015 ) or Acrobat Reader DC ( 2015 ) it ’ s version 2015.006.30456 . Anyone who still has the old Acrobat XI or Reader XI on their computer , the last version was 11.0.23 when support for this ended a year ago . A sign of success ? There was a time when having to patchVulnerability-related.PatchVulnerabilityso many flaws in a small suite of products from one company would have been seen as a failure . Arguably , these days , it ’ s a sign of success – researchers are devoting the time to findingVulnerability-related.DiscoverVulnerabilityvulnerabilities before the bad guys do and Adobe is turning around fixes . What ’ s surprising is that despite crediting every one of them ( and it ’ s quite a list ) , the company doesn ’ t seem to have a formal bug bounty reward program other than the separate web applications program run via third party company , HackerOne . If Adobe ’ s 85 vulnerabilities sounds excessive , have some sympathy for users of the rival Foxit PDF Reader and Foxit PhantomPDF programs . Foxit last week released what appears to beVulnerability-related.DiscoverVulnerability116 vulnerabilities of their own ( confusingly , many of which are not yet labelled with CVEsVulnerability-related.DiscoverVulnerability) . For some reason , the number of flaws being foundVulnerability-related.DiscoverVulnerabilityin Foxit ’ s programs has surged this year , reaching 183 before this September ’ s count , compared to 76 for the whole of 2017 . As for Adobe , these updates are unlikely to be the last we hear of the company this month – expect the usual flaws to be patchedVulnerability-related.PatchVulnerabilityin Adobe ’ s legacy Flash plug-in when Microsoft releasesVulnerability-related.PatchVulnerabilityits Windows Patch Tuesday on 9 October .
Thousands , if not more , Jenkins servers are vulnerableVulnerability-related.DiscoverVulnerabilityto data theft , takeover , and cryptocurrency mining attacks . This is because hackers can exploit two vulnerabilities to gain admin rights or log in using invalid credentials on these servers . Both vulnerabilities were discoveredVulnerability-related.DiscoverVulnerabilityby security researchers from CyberArk , were privately reportedVulnerability-related.DiscoverVulnerabilityto the Jenkins team , and receivedVulnerability-related.PatchVulnerabilityfixes over the summer . But despite patches for both issues , there are still thousands of Jenkins servers availableVulnerability-related.PatchVulnerabilityonline . Jenkins is a web application for continuous integration built in Java that allows development teams to run automated tests and commands on code repositories based on test results , and even automate the process of deploying new code to production servers . Jenkins is a popular component in many companies ' IT infrastructure and these servers are very popular with both freelancers and enterprises alike . Over the summer , CyberArk researchers discoveredVulnerability-related.DiscoverVulnerabilitya vulnerability ( tracked asVulnerability-related.DiscoverVulnerabilityCVE-2018-1999001 ) that allows an attacker to provide malformed login credentials that cause Jenkins servers to move their config.xml file from the Jenkins home directory to another location . If an attacker can cause the Jenkins server to crash and restart , or if he waits for the server to restart on its own , the Jenkins server then boots in a default configuration that features no security . In this weakened setup , anyone can register on the Jenkins server and gain administrator access . With an administrator role in hand , an attacker can access private corporate source code , or even make code modifications to plant backdoors in a company 's apps . This lone issue would have been quite bad on its own , but CyberArk researchers also discoveredVulnerability-related.DiscoverVulnerabilitya second Jenkins vulnerability -- CVE-2018-1999043 . This second bug , they saidVulnerability-related.DiscoverVulnerability, allowed an attacker to create ephemeral user records in the server 's memory , allowing an attacker a short period when they could authenticate using ghost usernames and credentials . Both vulnerabilities were fixedVulnerability-related.PatchVulnerability, the first in July and the second in August , but as we 've gotten accustomed to in the past few years of covering security flaws , not all server owners have bothered to install these security updates .
Thousands , if not more , Jenkins servers are vulnerableVulnerability-related.DiscoverVulnerabilityto data theft , takeover , and cryptocurrency mining attacks . This is because hackers can exploit two vulnerabilities to gain admin rights or log in using invalid credentials on these servers . Both vulnerabilities were discoveredVulnerability-related.DiscoverVulnerabilityby security researchers from CyberArk , were privately reportedVulnerability-related.DiscoverVulnerabilityto the Jenkins team , and receivedVulnerability-related.PatchVulnerabilityfixes over the summer . But despite patches for both issues , there are still thousands of Jenkins servers availableVulnerability-related.PatchVulnerabilityonline . Jenkins is a web application for continuous integration built in Java that allows development teams to run automated tests and commands on code repositories based on test results , and even automate the process of deploying new code to production servers . Jenkins is a popular component in many companies ' IT infrastructure and these servers are very popular with both freelancers and enterprises alike . Over the summer , CyberArk researchers discoveredVulnerability-related.DiscoverVulnerabilitya vulnerability ( tracked asVulnerability-related.DiscoverVulnerabilityCVE-2018-1999001 ) that allows an attacker to provide malformed login credentials that cause Jenkins servers to move their config.xml file from the Jenkins home directory to another location . If an attacker can cause the Jenkins server to crash and restart , or if he waits for the server to restart on its own , the Jenkins server then boots in a default configuration that features no security . In this weakened setup , anyone can register on the Jenkins server and gain administrator access . With an administrator role in hand , an attacker can access private corporate source code , or even make code modifications to plant backdoors in a company 's apps . This lone issue would have been quite bad on its own , but CyberArk researchers also discoveredVulnerability-related.DiscoverVulnerabilitya second Jenkins vulnerability -- CVE-2018-1999043 . This second bug , they saidVulnerability-related.DiscoverVulnerability, allowed an attacker to create ephemeral user records in the server 's memory , allowing an attacker a short period when they could authenticate using ghost usernames and credentials . Both vulnerabilities were fixedVulnerability-related.PatchVulnerability, the first in July and the second in August , but as we 've gotten accustomed to in the past few years of covering security flaws , not all server owners have bothered to install these security updates .
Cisco patchesVulnerability-related.PatchVulnerabilitya severe flaw in switch deployment software that can be attacked with crafted messages sent to a port that 's open by default . Cisco has releasedVulnerability-related.PatchVulnerabilitypatches for 34 vulnerabilities mostly affectingVulnerability-related.DiscoverVulnerabilityits IOS and IOS XE networking software , including three critical remote code execution security bugs . Perhaps the most serious issue Cisco has releasedVulnerability-related.PatchVulnerabilitya patch for is critical bug CVE-2018-0171 affectingVulnerability-related.DiscoverVulnerabilitySmart Install , a Cisco client for quickly deploying new switches for Cisco IOS Software and Cisco IOS XE Software . A remote unauthenticated attacker can exploit a flaw in the client to reload an affected device and cause a denial of service or execute arbitrary code . Embedi , the security firm that foundVulnerability-related.DiscoverVulnerabilitythe flaw , initially believed it could only be exploitedVulnerability-related.DiscoverVulnerabilitywithin an enterprise 's network . However , it foundVulnerability-related.DiscoverVulnerabilitymillions of affected devices exposed on the internet . `` Because in a securely configured network , Smart Install technology participants should not be accessible through the internet . But scanning the internet has shown that this is not true , '' wrote Embedi . `` During a short scan of the internet , we detected 250,000 vulnerable devices and 8.5 million devices that have a vulnerable port open . '' Smart Install is supported by a broad range of Cisco routers and switches . The high number of devices with an open port is probably because the Smart Install client 's port TCP 4786 is open by default . This situation is overlooked by network admins , Embedi said . The company has also publishedVulnerability-related.DiscoverVulnerabilityproof-of-concept exploit code , so it probably will be urgent for admins to patchVulnerability-related.PatchVulnerability. An attacker can exploit the bug by sendingAttack.Phishinga crafted Smart Install message to these devices on TCP port 4786 , according to Cisco . Embedi discoveredVulnerability-related.DiscoverVulnerabilitythe flaw last year , landing it an award at the GeekPwn conference in Hong Kong last May , and reportedVulnerability-related.DiscoverVulnerabilityit to Cisco in September . Cisco 's internal testing also turned upVulnerability-related.DiscoverVulnerabilitya critical issue in its IOS XE software , CVE-2018-0150 , due to an undocumented user account that has a default username and password . Cisco warnsVulnerability-related.DiscoverVulnerabilitythat an attacker could use this account to remotely connect to a device running the software . Cisco engineers also foundVulnerability-related.DiscoverVulnerabilityCVE-2018-0151 , a remote code execution bug in the QoS subsystem of IOS and IOS XE . `` The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device . An attacker could exploit this vulnerability by sending malicious packets to an affected device , '' writes Cisco . All three bugs were given a CVSS score of 9.8 out of 10 .
Valve has patchedVulnerability-related.PatchVulnerabilitya critical vulnerability in the Steam client which has lurked undetected for at least 10 years . The vulnerability impactsVulnerability-related.DiscoverVulnerabilityall versions of the gaming platform . Tom Court , a security researcher hailing from Context Information Security , discoveredVulnerability-related.DiscoverVulnerabilitythe bug and disclosedVulnerability-related.DiscoverVulnerabilityhis findings on Thursday . In a blog post , the researcher saidVulnerability-related.DiscoverVulnerabilitythat left unpatchedVulnerability-related.PatchVulnerability, the bug permits threat actors to perform remote code execution ( RCE ) attacks . It was not until July last year that Valve added modern ASLR exploit protections to its Steam source code . However , this addition made sure that the vulnerability would only cause a client crash if exploitedVulnerability-related.DiscoverVulnerability-- unless a separate information leak vulnerability was also active in the exploit chain . Valve 's Steam software uses a custom protocol , known as the `` Steam Protocol , '' which is delivered on the top of UDP . The protocol registers packet length and the total reassembled datagram length ; however , the vulnerability was caused by a simple lack of checks to ensure that for the first packet of a fragmented datagram , the specified length was less than or equal to the total datagram length . All an attacker needed to do was to send a malformed UDP packet to trigger the exploit . `` This means that it is possible to supply a data_len smaller than packet_len and have up to 64kb of data ( due to the 2-byte width of the packet_len field ) copied to a very small buffer , resulting in an exploitable heap corruption , '' Court says . `` This seems like a simple oversight , given that the check was present for all subsequent packets carrying fragments of the datagram . '' The vulnerability was reportedVulnerability-related.DiscoverVulnerabilityto Valve on 20 February and was fixedVulnerability-related.PatchVulnerabilityin a beta release less than 12 hours later . This patch was then pushedVulnerability-related.PatchVulnerabilityto a stable release on 22 March . `` This was a very simple bug , made relatively straightforward to exploit due to a lack of modern exploit protections , '' Court says . `` The vulnerable code was probably very old , but as it was otherwise in good working order , the developers likely saw no reason to go near it or update their build scripts . '' `` The lesson here is that as a developer it is important to periodically include aging code and build systems in your reviews to ensure they conform to modern security standards , even if the actual functionality of the code has remained unchanged , '' the researcher added .
Researchers at cybersecurity company Check Point have today shared detailsVulnerability-related.DiscoverVulnerabilityof a vulnerability in DJI ’ s infrastructure that could have given hackers access to consumer and corporate user accounts , personal data , flight logs , photos , videos , and – if the user was flying with DJI ’ s FlightHub application – a live camera feed and map during missions . Check Point submitted a reportVulnerability-related.DiscoverVulnerabilityto DJI ’ s Bug Bounty Program , highlighting a process in which an attacker could have gained access to a user ’ s account through a vulnerability discoveredVulnerability-related.DiscoverVulnerabilityin the user identification process within DJI Forum . Check Point ’ s researchers foundVulnerability-related.DiscoverVulnerabilitythat DJI ’ s various platforms used a token to identify registered users across different aspects of the customer experience . Hackers could plant malicious links that would compromise accounts within that framework . In a blog post outlining their investigation , Check Point explained the process of a possible exploit : The vulnerability was accessed through DJI Forum , an online forum DJI runs for discussions about its products . A user who logged into DJI Forum , then clicked a specially-planted malicious link , could have had his or her login credentials stolenAttack.Databreachto allow access to other DJI online assets : DJI ’ s web platform ( account , store , forum ) Cloud server data synced from DJI ’ s GO or GO 4 pilot apps DJI ’ s FlightHub ( centralized drone operations management platform ) We notifiedVulnerability-related.DiscoverVulnerabilityDJI about this vulnerability in March 2018 and DJI respondedVulnerability-related.DiscoverVulnerabilityresponsibly . The vulnerability has since been patchedVulnerability-related.PatchVulnerability. DJI classifiedVulnerability-related.DiscoverVulnerabilitythis vulnerability as high risk but low probability , and indicated there is no evidence this vulnerability was ever exploitedVulnerability-related.DiscoverVulnerabilityby anyone other than Check Point researchers . Check Point even made a Mission Impossible-style trailer for their findings , which is… interesting .
A critical vulnerability in open source automation tool Jenkins could allow permission checks to be bypassed through the use of specially-crafted URLs . Jenkins uses the Stapler web framework for HTTP request handling , which uses reflection to dispatch incoming web requests to controller code . This means that any public methods that start with get and include string and integer parameters are exposed to the web server . Because this is a common naming convention , this has led to multiple internal Jenkins methods being inadvertently exposed . The precise impact of this isn ’ t clear . The advisory notes that code execution could be a possible outcome – though on closer inspection , this seems to be a worst-case scenario . “ To clarify , the vulnerability we addressedVulnerability-related.PatchVulnerabilityhad nothing to do with arbitrary code execution , but was rather an issue discoveredVulnerability-related.DiscoverVulnerabilityby the Jenkins security team that allowed a small subset of existing Jenkins code to be invoked by a remote client , ” Daniel Beck , Jenkins security officer , told The Daily Swig in an email . “ While the known impact is pretty limited , we felt that the layer at which the vulnerability existed , and its potential warranted a higher score. ” These potential attacks include unauthenticated users being able to invalidate sessions when running with the built-in server , and users with overall/read permissions being able to create new user objects in memory . The advisory reads : “ Given the vast potential attack surface , we fully expect other attacks , that we are not currently aware of , to be possible on Jenkins releases that do not have this fix appliedVulnerability-related.PatchVulnerability. “ This is reflected in the high score we assignedVulnerability-related.DiscoverVulnerabilityto this issue , rather than limiting the score to the impact through known issues. ” Beck added : “ Jenkins users should always keep their instances up to date . In this case , we releasedVulnerability-related.PatchVulnerabilityupdates for two LTS lines simultaneously for the first time , so admins could applyVulnerability-related.PatchVulnerabilitythe update without having to go through a major version jump . “ We strive to fixVulnerability-related.PatchVulnerabilityall security vulnerabilities in Jenkins and plugins in a timely manner. ” Reflection is also used by Apache Struts , via the OGNL library . Struts has sufferedVulnerability-related.DiscoverVulnerabilitya number of serious security flaws in recent years . In 2017 , a vulnerability in the framework was exploitedVulnerability-related.DiscoverVulnerabilityto exposeAttack.Databreachthe details of up to 148 million Equifax customers . Another flaw , revealedVulnerability-related.DiscoverVulnerabilityin August 2018 , could lead to remote code execution . These issues underline the dangers of using reflection with untrusted data , and application architects would do well to avoid this unsafe practice .
Troubled browser has once again come under attack , with flaw discoveredVulnerability-related.DiscoverVulnerabilityin multiple versions of Internet Explorer . Microsoft has been forced to issueVulnerability-related.PatchVulnerabilityan emergency security patch for its Internet Explorer browser . The release came after Google security engineer Clement Lecigne uncoveredVulnerability-related.DiscoverVulnerabilitya critical vulnerability in several versions of Microsoft 's browser , and could have been activated simply by directing users to a malicious website The flaw , known as CVE-2018-8653 , affectsVulnerability-related.DiscoverVulnerabilityInternet Explorer 9 , 10 and 11 , with the update issuedVulnerability-related.PatchVulnerabilityto Windows 7 , 8.1 and 10 versions , as well as Windows Server 2008 , 2012 , 2016 and 2019 . `` A remote code execution vulnerability exists inVulnerability-related.DiscoverVulnerabilitythe way that the scripting engine handles objects in memory in Internet Explorer , '' Microsoft stated in its support document for the threat . `` The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user . '' The company has issuedVulnerability-related.PatchVulnerabilitya fix for the flaw now , outside of its typical Patch Tuesday security cycle , signifying it is a significant threat and should be patchedVulnerability-related.PatchVulnerabilityimmediately . Microsoft has gradually retired Internet Explorer from public view over the past few years as it focuses on its newer browser Edge , with only customised versions available to certain business users . The company may also be about to pull the plug on Edge as well , with report recently confirming Microsoft is set to introduce a new browser built on Google 's Chromium platform .
Facebook discoveredVulnerability-related.DiscoverVulnerabilitya security issue that allowed hackers to access information that could have let them take over around 50 million accounts , the company announcedVulnerability-related.DiscoverVulnerabilityon Friday . Following the disclosure , shares of Facebook extended midday losses and ended trading 2.5 percent down . `` This is a very serious security issue , and we 're taking it very seriously , '' said CEO Mark Zuckerberg on a call with reporters . Facebook shares , which were already down about 1.5 percent before the announcement , extended losses after the disclosure and ended down 2.6 percent . The company said in a blog post that its engineering team found on Tuesday that attackers identified a weakness in Facebook 's code regarding its `` View As '' feature . Facebook became aware of a potential attack after it noticed a spike in user activity on September 16 . `` View As '' lets users see what their profile looks like to other users on the platform . This vulnerability , which consisted of three separate bugs , also allowed the hackers to get access tokens — digital keys which let people stay logged into the service without having to re-enter their password — which could be used to control other people 's accounts . Almost 50 million accounts had their access tokens taken , and Facebook has reset those tokens . The company also reset tokens for an additional 40 million accounts who used the `` View As '' feature in the last year as a precautionary measure , for a total of 90 million accounts . Facebook had 2.23 billion monthly active users as of June 30 . The reset will require these users to re-enter their password when they return to Facebook or access an app that uses Facebook Login . They will also receive a notification at the top of their News Feed explaining what happened . In addition , the company suspended the `` View As '' feature while it reviews its security . Facebook said it fixedVulnerability-related.PatchVulnerabilitythe issue on Thursday night and has notified law enforcement including the FBI and the Irish Data Protection Commission in order to any addressVulnerability-related.PatchVulnerabilityGeneral Data Protection Regulation ( GDPR ) issues . Facebook said it has just begun its investigation and has not determined if any information was misused , but the initial investigation has not uncovered any information abuse . The hackers did query Facebook 's API system , which lets applications communicate with the platform , to get more user information . The company is not sure if the hackers used that data , nor does it know who orchestrated the hack or where the person or people are based . The company said there is no need to change passwords . If additional accounts are affected , Facebook said it will immediately reset those users ' access tokens . Facebook is doubling the number of employees who are working to improve security from 10,000 to 20,000 , the company reiterated . `` Security is an arms race , and we 're continuing to improve our defenses , '' Zuckerberg said . `` This just underscores there are constant attacks from people who are trying to underscore accounts in our community . ''
A bloke has told how he discoveredVulnerability-related.DiscoverVulnerabilitya bug in Valve 's Steam marketplace that could have been exploitedVulnerability-related.DiscoverVulnerabilityby thieves to steal game license keys and play pirated titles . Researcher Artem Moskowsky told The Register earlier this week that he stumbledVulnerability-related.DiscoverVulnerabilityacross the vulnerability – which earned him a $ 20,000 bug bounty for reportingVulnerability-related.DiscoverVulnerabilityit – by accident while looking over the Steam partner portal . That 's the site developers use to manage the games they make available for download from Steam . A professional bug-hunter and pentester , Moskowsky said he has been doing security research since he was in school , and for the past several years , he has made a career out of finding and reportingVulnerability-related.DiscoverVulnerabilityflaws . In this case , while looking through the Steam developer site , he noticed it was fairly easy to change parameters in an API request , and get activation keys for a selected game in return . Those keys , also known as CD keys , can be used to activate and play games downloaded from Steam . The API is provided so developers and their partners can obtain license keys for their titles to pass onto gamers . `` This bug was discoveredVulnerability-related.DiscoverVulnerabilityrandomly during the exploration of the functionality of a web application , '' Moskowsky explainedVulnerability-related.DiscoverVulnerability. `` It could have been used by any attacker who had access to the portal . '' Essentially , anyone who had an account on the developer portal would be able to access the game activation keys for any other game Steam hosted , and sell or distribute them for pirates to use to play games from Steam . Fetching from the /partnercdkeys/assignkeys/ API with a zero key count returned a huge bunch of activation keys . `` To exploit the vulnerability , it was necessary to make only one request , '' Moskowsky told El Reg . `` I managed to bypass the verification of ownership of the game by changing only one parameter . After that , I could enter any ID into another parameter and get any set of keys . '' How severe was the flaw ? Moskowski says that , in one case , he entered a random string into the request , to pick a title at random , and in return he got 36,000 activation keys for Portal 2 , a game that still retails for $ 9.99 in the Steam store . Fortunately for Valve , Moskowsky opted to privately come forward with the flaw via HackerOne . The programming blunder has since been fixedVulnerability-related.PatchVulnerability. As the HackerOne entry for the vulnerability shows , Moskowsky first submitted the reportVulnerability-related.DiscoverVulnerabilityon the flaw in early August . Three days later , Valve handed out the $ 15,000 bounty as well as a $ 5,000 bonus for the find , though Valve only allowed the report to go public on October 31 . The researcher told us this is a pretty good turnaround , and Valve in particular is very good with handling researcher requests and paying out bug bounties . Impressively , this $ 20,000 bounty is n't even the biggest payout Moskowsky has received from the games service . Back in July he was given a cool $ 25,000 for weeding outVulnerability-related.DiscoverVulnerabilitya SQL Injection bug in the same developer portal .
Cisco Systems this week issuedVulnerability-related.PatchVulnerabilityan update for its Adaptive Security Appliance ( ASA ) software , fixingVulnerability-related.PatchVulnerabilitya high-severity vulnerability that could allow authenticated attackers with low-level access to remotely escalate their privileges on Cisco devices with web management access enabled . Designated CVE-2018-15465 , the flaw is the result of an improper validation process while using the web management interface . “ An attacker could exploit this vulnerability by sending specific HTTP requests via HTTPS to an affected device as an unprivileged user , ” states a Dec. 19 Cisco security advisory . “ An exploit could allow the attacker to retrieve files ( including the running configuration ) from the device or to upload and replace software images on the device. ” The cybersecurity firm Tenable , whose researchers discoveredVulnerability-related.DiscoverVulnerabilitythe bug , explained its findings in further detail in a Dec 19 blog post . “ When command authorization is not enabled , an authenticated remote unprivileged ( level 0 or 1 ) user can change or download the running configuration as well as upload or replace the appliance firmware , ” wrote blog author and Tenable technical support engineer Ryan Seguin . “ Downgrading appliance firmware to an older version would allow an attacker to leverage known vulnerabilities that have been well researched or have publicly available exploit modules. ” “ Enabling command authorization prevents exploitation of this vulnerability , ” notes the Cisco advisory , although “ administrators should not enable command authorization using the AAA authorization command ” until they have defined “ which actions are allowed per privilege level using the privilege command in global configuration mode. ” Cisco addsVulnerability-related.PatchVulnerabilitythe AAA configuration must be “ accurate and complete ” in order for the software fix to properly take effect .
Apple has posted the annual full overhaul of the Mac operating system , this time focusing on a redesign of the look and feel of the interface . The 10.14 incarnation of macOS , known as Mojave , has been releasedVulnerability-related.PatchVulnerabilityinto general availability . It includes new features , interface updates , and security patches – though at least one hole was left unpatchedVulnerability-related.PatchVulnerability. Apple is touting a set of interface improvements with the update , most notably the addition of a `` Dark Mode '' color scheme option and a Dynamic Desktop background that changes the image with the time of day . In more useful features , there 's the Stacks utility that organizes messy desktops by grouping files into categories . Apple also added a set of new News , Stocks , Voice Memos , and Home applications for macOS , porting the tools from iOS , while the Mac Continuity Camera app will let users snap and share pictures from their iOS device . Apple also redesigned the macOS version of the App Store service . Nestled into the Mojave update was a patch bundle that addressesVulnerability-related.PatchVulnerabilitymore than a half-dozen security holes . Mojave will include fixes for eight CVE-listed vulnerabilities . These include two remote code execution flaws in the kernel ( CVE-2018-4336 , CVE-2018-4344 ) and weak RC4 encryption ( CVE-2016-1777 ) . That '4344 flaw was discoveredVulnerability-related.DiscoverVulnerabilityby eggheads at the UK government 's eavesdropping nerve center , GCHQ . Other flaws include a traffic intercept flaw in Bluetooth ( CVE-2018-5383 ) , a sandbox escape in the operation firewall ( CVE-2018-4353 ) , a restricted memory access flaw in Crash Reporter ( CVE-2018-4333 ) , and flaws in both Auto Unlock ( CVE-2018-4321 ) and App Store ( CVE-2018-4324 ) that would allow an attacker to access the user 's Apple ID . Seemingly , these patches are only availableVulnerability-related.PatchVulnerabilityfor macOS 10.14 – however , previous versions of the operating system were fixedVulnerability-related.PatchVulnerabilityup last week . It did n't take long for at least one researcher to blast holes in the security features of the new operating system . Shortly after Mojave arrived , macOS guru Patrick Wardle dropped word of a vulnerability he discoveredVulnerability-related.DiscoverVulnerabilitythat would allow an attacker to bypass the privacy safeguards in Mojave that would normally prevent an unauthorized app from accessing things like users ' contact details . Here 's a video of the exploit ... Wardle saidVulnerability-related.DiscoverVulnerabilityhe has reportedVulnerability-related.DiscoverVulnerabilitythe bug to Apple , but will not release details beyond the proof-of-concept video until a fix can be releasedVulnerability-related.PatchVulnerability. More technical details are due to be released in November .
Yesterday , on Microsoft ’ s Patch Tuesday the company releasedVulnerability-related.PatchVulnerabilityits monthly security patches that fixedVulnerability-related.PatchVulnerability62 security flaws . These fixes also included a fix for a zero-day vulnerability that was under active exploitation before these patches were made availableVulnerability-related.PatchVulnerability. Microsoft also announced the re-release of its Windows 10 version 1809 and Windows Server 2019 . Microsoft credited Kaspersky Lab researchers for discoveringVulnerability-related.DiscoverVulnerabilitythis zero-day , which is also known asVulnerability-related.DiscoverVulnerabilityCVE-2018-8589 and impactsVulnerability-related.DiscoverVulnerabilitythe Windows Win32k component . A Kaspersky spokesperson told ZDNet , “ they discoveredVulnerability-related.DiscoverVulnerabilitythe zero-day being exploitedVulnerability-related.DiscoverVulnerabilityby multiple cyber-espionage groups ( APTs ) . ” The zero-day had been used to elevate privileges on 32-bit Windows 7 versions . This is the second Windows elevation of privilege zero-day patchedVulnerability-related.PatchVulnerabilityby Microsoft discoveredVulnerability-related.DiscoverVulnerabilityby Kaspersky researchers . Last month , Microsoft patchedVulnerability-related.PatchVulnerabilityCVE-2018-8453 , another zero-day that had been used by a state-backed cyber-espionage group known as FruityArmor . However , in this month ’ s Patch Tuesday , Microsoft has not patchedVulnerability-related.PatchVulnerabilitya zero-day that is affectingVulnerability-related.DiscoverVulnerabilitythe Windows Data Sharing Service ( dssvc.dll ) . This zero-day was disclosedVulnerability-related.DiscoverVulnerabilityon Twitter at the end of October . According to ZDNet , “ Microsoft has published this month a security advisory to instruct users on how to properly configure BitLocker when used together with solid-state drives ( SSDs ) . ” As reported by Microsoft , the Windows 10 October 2018 update caused user ’ s data loss post updating . Due to this , the company decided to pause the update . However , yesterday , Microsoft announced that it is re-releasing Windows 10 version 1809 . John Cable , the director of Program Management for Windows Servicing and Delivery at Microsoft said , “ the data-destroying bug that triggered that unprecedented decision , as well as other quality issues that emerged during the unscheduled hiatus , have been thoroughly investigated and resolved. ” Microsoft also announced the re-release of Windows Server 2019 , which was affectedVulnerability-related.DiscoverVulnerabilityby the same issue . According to ZDNet , “ The first step in the re-release is to restore the installation files to its Windows 10 Download page so that “ seekers ” ( the Microsoft term for advanced users who go out of their way to install a new Windows version ) can use the ISO files to upgrade PCs running older Windows 10 versions. ” Michael Fortin , Windows Corporate Vice President , in a blog post , offered some context behind the recent issues and announced changes to the way the company approaches communications and also the transparency around their process . Per Fortin , “ We obsess over these metrics as we strive to improve product quality , comparing current quality levels across a variety of metrics to historical trends and digging into any anomaly. ” To know more about this in detail , visit Microsoft ’ s official blog post .
Yesterday , on Microsoft ’ s Patch Tuesday the company releasedVulnerability-related.PatchVulnerabilityits monthly security patches that fixedVulnerability-related.PatchVulnerability62 security flaws . These fixes also included a fix for a zero-day vulnerability that was under active exploitation before these patches were made availableVulnerability-related.PatchVulnerability. Microsoft also announced the re-release of its Windows 10 version 1809 and Windows Server 2019 . Microsoft credited Kaspersky Lab researchers for discoveringVulnerability-related.DiscoverVulnerabilitythis zero-day , which is also known asVulnerability-related.DiscoverVulnerabilityCVE-2018-8589 and impactsVulnerability-related.DiscoverVulnerabilitythe Windows Win32k component . A Kaspersky spokesperson told ZDNet , “ they discoveredVulnerability-related.DiscoverVulnerabilitythe zero-day being exploitedVulnerability-related.DiscoverVulnerabilityby multiple cyber-espionage groups ( APTs ) . ” The zero-day had been used to elevate privileges on 32-bit Windows 7 versions . This is the second Windows elevation of privilege zero-day patchedVulnerability-related.PatchVulnerabilityby Microsoft discoveredVulnerability-related.DiscoverVulnerabilityby Kaspersky researchers . Last month , Microsoft patchedVulnerability-related.PatchVulnerabilityCVE-2018-8453 , another zero-day that had been used by a state-backed cyber-espionage group known as FruityArmor . However , in this month ’ s Patch Tuesday , Microsoft has not patchedVulnerability-related.PatchVulnerabilitya zero-day that is affectingVulnerability-related.DiscoverVulnerabilitythe Windows Data Sharing Service ( dssvc.dll ) . This zero-day was disclosedVulnerability-related.DiscoverVulnerabilityon Twitter at the end of October . According to ZDNet , “ Microsoft has published this month a security advisory to instruct users on how to properly configure BitLocker when used together with solid-state drives ( SSDs ) . ” As reported by Microsoft , the Windows 10 October 2018 update caused user ’ s data loss post updating . Due to this , the company decided to pause the update . However , yesterday , Microsoft announced that it is re-releasing Windows 10 version 1809 . John Cable , the director of Program Management for Windows Servicing and Delivery at Microsoft said , “ the data-destroying bug that triggered that unprecedented decision , as well as other quality issues that emerged during the unscheduled hiatus , have been thoroughly investigated and resolved. ” Microsoft also announced the re-release of Windows Server 2019 , which was affectedVulnerability-related.DiscoverVulnerabilityby the same issue . According to ZDNet , “ The first step in the re-release is to restore the installation files to its Windows 10 Download page so that “ seekers ” ( the Microsoft term for advanced users who go out of their way to install a new Windows version ) can use the ISO files to upgrade PCs running older Windows 10 versions. ” Michael Fortin , Windows Corporate Vice President , in a blog post , offered some context behind the recent issues and announced changes to the way the company approaches communications and also the transparency around their process . Per Fortin , “ We obsess over these metrics as we strive to improve product quality , comparing current quality levels across a variety of metrics to historical trends and digging into any anomaly. ” To know more about this in detail , visit Microsoft ’ s official blog post .