Vendors are reacting Vulnerability-related.DiscoverVulnerability swiftly to a vulnerability that lets attackers eavesdrop on your network traffic . Monday morning was not a great time to be an IT admin , with the public release Vulnerability-related.DiscoverVulnerability of a bug that effectively broke WPA2 wireless security . As reported Vulnerability-related.DiscoverVulnerability previously by ZDNet , the bug , dubbed `` KRACK '' -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II ( WPA2 ) operates . The security protocol , an upgrade from WEP , is used to protect and secure communications between everything from our routers , mobile devices , and Internet of Things ( IoT ) devices , but there is an issue in the system 's four-way handshake that permits devices with a pre-shared password to join a network . According to security researcher and academic Mathy Vanhoef , who discovered Vulnerability-related.DiscoverVulnerability the flaw , threat actors can leverage the vulnerability to decrypt traffic , hijack connections , perform man-in-the-middle attacks , and eavesdrop on communication sent from a WPA2-enabled device . US-CERT has known Vulnerability-related.DiscoverVulnerability of the bug for some months and informed Vulnerability-related.DiscoverVulnerability vendors ahead of the public disclosure Vulnerability-related.DiscoverVulnerability to give them time to prepare Vulnerability-related.PatchVulnerability patches and prevent Vulnerability-related.PatchVulnerability the vulnerability from being exploited Vulnerability-related.DiscoverVulnerability in the wild -- of which there are no current reports Vulnerability-related.DiscoverVulnerability of this bug being harnessed by cyberattackers . The bug is present in Vulnerability-related.DiscoverVulnerability WPA2 's cryptographic nonce and can be utilized to dupe a connected party into reinstalling a key which is already in use . While the nonce is meant to prevent replay attacks , in this case , attackers are then given the opportunity to replay , decrypt , or forge packets . In general , Windows and newer versions of iOS are unaffected Vulnerability-related.DiscoverVulnerability , but the bug can have a serious impact on Vulnerability-related.DiscoverVulnerability Android 6.0 Marshmallow and newer . The attack could also be devastating for IoT devices , as vendors often fail to implement acceptable security standards or update systems in the supply chain , which has already led to millions of vulnerable and unpatched IoT devices being exposed for use by botnets . The vulnerability does not mean the world of WPA2 has come crumbling down , but it is up to vendors to mitigate Vulnerability-related.PatchVulnerability the issues this may cause . In total , ten CVE numbers have been preserved to describe Vulnerability-related.DiscoverVulnerability the vulnerability and its impact Vulnerability-related.DiscoverVulnerability , and according to the US Department of Homeland Security ( DHS ) , the main affected vendors are Aruba , Cisco , Espressif Systems , Fortinet , the FreeBSD Project , HostAP , Intel , Juniper Networks , Microchip Technology , Red Hat , Samsung , various units of Toshiba and Ubiquiti Networks .

Microsoft ’ s updates for the Meltdown microprocessor mega-flaw inadvertently left users running Windows 7 64-bit systems open to a “ way worse ” flaw , a researcher has claimed Vulnerability-related.DiscoverVulnerability . To recap , Meltdown ( aka F * * CKWIT or CVE-2017-5754 ) is a proof-of-concept hardware vulnerability uncovered Vulnerability-related.DiscoverVulnerability almost simultaneously by several groups of researchers through which an attacker could access the contents of kernel memory ( passwords , encryption keys , say ) from the part used by ordinary applications . An extremely inviting target for any attacker , which is why Microsoft sprang into action to mitigate Vulnerability-related.PatchVulnerability the vulnerability ( in addition to BIOS updates from vendors ) across different Windows versions in two rounds of updates Vulnerability-related.PatchVulnerability in January and February . But according to Ulf Frisk , something went awry starting with the January update when applied to Windows 7 and Windows Server 2008 R2 , which miss-set controlling permissions for something called the Page Map Level 4 ( PML4 ) . This is a table used by Intel microprocessors to “ translate the virtual addresses of a process into physical memory addresses in RAM. ” Set correctly , only the kernel should be able to access this table . The result of the issue is that an attacker aware of the flaw would have the ability to break out of the application space and take over a system . All this from a simple software mistake : No fancy exploits were needed . Windows 7 already did the hard work of mapping in the required memory into every running process . Exploitation was just a matter of read and write to already mapped in-process virtual memory . No fancy APIs or syscalls required – just standard read and write !

Last month , Microsoft Patch Tuesday addressed Vulnerability-related.PatchVulnerability 60 vulnerabilities that also included two zero-day flaws . This month also , the tech giant released Vulnerability-related.PatchVulnerability a huge patch update to mitigate Vulnerability-related.PatchVulnerability various flaws in its products . The Microsoft September patch fixed Vulnerability-related.PatchVulnerability around 61 different vulnerabilities . The patch bundle also included a fix for the recently discovered APLC zero-day vulnerability that has already created trouble . Recently , a zero-day vulnerability disclosed Vulnerability-related.DiscoverVulnerability on Twitter has created a lot of chaos as it was immediately exploited Vulnerability-related.DiscoverVulnerability in a malware campaign . The APLC zero-day flaw gained attention after a Twitter user with the alias SandboxEscaper disclosed Vulnerability-related.DiscoverVulnerability it in a tweet . Later , a CERT/CC researcher verified Vulnerability-related.DiscoverVulnerability the bug . This vulnerability in the Windows Task Scheduler allowed an attacker to gain System-level access . As promised at that time by the firm , the Microsoft September patch has addressed Vulnerability-related.PatchVulnerability this Advanced Local Procedure Call ( ALPC ) flaw . As disclosed Vulnerability-related.DiscoverVulnerability in their advisory , Microsoft acknowledged Vulnerability-related.DiscoverVulnerability the exploitation of this vulnerability ( CVE-2018-8440 ) . Explaining the details about the bug and the patch released Vulnerability-related.PatchVulnerability , Microsoft states , “ To exploit this vulnerability , an attacker would first have to log on to the system . An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system . The update addresses Vulnerability-related.PatchVulnerability the vulnerability by correcting how Windows handles calls to ALPC. ” Besides the single APLC zero-day flaw , Microsoft also patched Vulnerability-related.PatchVulnerability 61 other flaws in various products , including 17 critical vulnerabilities . The affected software receiving Vulnerability-related.PatchVulnerability the bug fixes include Microsoft Windows , Microsoft Edge , ChakraCore , Microsoft Office and Web Apps , Microsoft.Data.OData , Internet Explorer , ASP.NET and the .NET Framework . In addition , the Microsoft September patch also addressed Vulnerability-related.PatchVulnerability a flaw in the Adobe Flash Player ( CVE-2018-15967 ) . Although Adobe also released Vulnerability-related.PatchVulnerability a fix for this vulnerability along with other fixes released Vulnerability-related.PatchVulnerability this week in the September Update pack .

Microsoft releases Vulnerability-related.PatchVulnerability Intel 's microcode updates , including one to address Vulnerability-related.PatchVulnerability the recently revealed Foreshadow flaw . Microsoft has released Vulnerability-related.PatchVulnerability a set of new microcode patches from Intel that address Vulnerability-related.PatchVulnerability Spectre vulnerabilities , as well as the recently disclosed Foreshadow attacks . The updates are available Vulnerability-related.PatchVulnerability for all supported versions of Windows 10 and Windows Server . As noted on the support page for Windows 10 version 1803 , the microcode updates include mitigations for Spectre Variant 3a , CVE-2018-3640 , Spectre Variant 4 , CVE-2018-3639 , as well as two of the Foreshadow bugs , CVE-2018-3615 and CVE-2018-3646 , which are also known as Vulnerability-related.DiscoverVulnerability L1TF or 'L1 Terminal Fault ' . As Microsoft recently highlighted Vulnerability-related.DiscoverVulnerability , Windows machines with affected Intel CPUs will need microcode as well as software patches to mitigate Vulnerability-related.PatchVulnerability the Foreshadow attacks . Microsoft began helping Intel deliver Vulnerability-related.PatchVulnerability its microcode updates after Intel first started addressing Vulnerability-related.PatchVulnerability the Meltdown and Spectre CPU flaws in January . The microcode updates help mitigate Vulnerability-related.PatchVulnerability Spectre Variant 2 , CVE-2017-5715 . Foreshadow includes CVE-2018-3615 , which affects Vulnerability-related.DiscoverVulnerability Intel 's Software Guard Extensions ( SGX ) enclaves , while CVE-2018-3620 affects Vulnerability-related.DiscoverVulnerability operating systems and System Management Mode ( SMM ) memory . CVE-2018-3646 impacts Vulnerability-related.DiscoverVulnerability virtualization . Microsoft made Vulnerability-related.PatchVulnerability the updates , all dated 8/20/2018 , available Vulnerability-related.PatchVulnerability on the Microsoft Update Catalog this week .

Microsoft releases Vulnerability-related.PatchVulnerability Intel 's microcode updates , including one to address Vulnerability-related.PatchVulnerability the recently revealed Foreshadow flaw . Microsoft has released Vulnerability-related.PatchVulnerability a set of new microcode patches from Intel that address Vulnerability-related.PatchVulnerability Spectre vulnerabilities , as well as the recently disclosed Foreshadow attacks . The updates are available Vulnerability-related.PatchVulnerability for all supported versions of Windows 10 and Windows Server . As noted on the support page for Windows 10 version 1803 , the microcode updates include mitigations for Spectre Variant 3a , CVE-2018-3640 , Spectre Variant 4 , CVE-2018-3639 , as well as two of the Foreshadow bugs , CVE-2018-3615 and CVE-2018-3646 , which are also known as Vulnerability-related.DiscoverVulnerability L1TF or 'L1 Terminal Fault ' . As Microsoft recently highlighted Vulnerability-related.DiscoverVulnerability , Windows machines with affected Intel CPUs will need microcode as well as software patches to mitigate Vulnerability-related.PatchVulnerability the Foreshadow attacks . Microsoft began helping Intel deliver Vulnerability-related.PatchVulnerability its microcode updates after Intel first started addressing Vulnerability-related.PatchVulnerability the Meltdown and Spectre CPU flaws in January . The microcode updates help mitigate Vulnerability-related.PatchVulnerability Spectre Variant 2 , CVE-2017-5715 . Foreshadow includes CVE-2018-3615 , which affects Vulnerability-related.DiscoverVulnerability Intel 's Software Guard Extensions ( SGX ) enclaves , while CVE-2018-3620 affects Vulnerability-related.DiscoverVulnerability operating systems and System Management Mode ( SMM ) memory . CVE-2018-3646 impacts Vulnerability-related.DiscoverVulnerability virtualization . Microsoft made Vulnerability-related.PatchVulnerability the updates , all dated 8/20/2018 , available Vulnerability-related.PatchVulnerability on the Microsoft Update Catalog this week .

Overall , the chip giant patched Vulnerability-related.PatchVulnerability five vulnerabilities across an array of its products . Intel on Tuesday patched Vulnerability-related.PatchVulnerability three high-severity vulnerabilities that could allow the escalation of privileges across an array of products . Overall , the chip giant fixed Vulnerability-related.PatchVulnerability five bugs – three rated high-severity , and two medium-severity . The most concerning of these bugs is an escalation-of-privilege glitch in Intel ’ s PROset/Wireless Wi-Fi software , which is its wireless connection management tool . The vulnerability , CVE-2018-12177 , has a “ high ” CVSS score of 7.8 , according to Intel ’ s update . “ Intel is releasing Vulnerability-related.PatchVulnerability software updates to mitigate Vulnerability-related.PatchVulnerability this potential vulnerability , ” it said , urging users to update Vulnerability-related.PatchVulnerability to version 20.90.0.7 or later of the software . The vulnerability , reported Vulnerability-related.DiscoverVulnerability by Thomas Hibbert of Insomnia Security , stems from improper directory permissions plaguing the software ’ s ZeroConfig service in versions before 20.90.0.7 . The issue could allow an authorized user to potentially enable escalation of privilege via local access . The other high-severity bug exists in Vulnerability-related.DiscoverVulnerability the company ’ s System Support Utility for Windows , which offers support for Intel-packed Windows device users . This bug ( CVE-2019-0088 ) is due to insufficient path checking in the support utility , allowing an already-authenticated user to potentially gain escalation of privilege via local access . The vulnerability has a CVSS score of 7.5 . Versions of System Support Utility for Windows before 2.5.0.15 are impacted Vulnerability-related.DiscoverVulnerability ; Intel recommends Vulnerability-related.PatchVulnerability users update Vulnerability-related.PatchVulnerability to versions 2.5.0.15 or later . Independent security researcher Alec Blance was credited with discovering Vulnerability-related.DiscoverVulnerability the flaw . The chip-maker also patched Vulnerability-related.PatchVulnerability a high-severity and medium-severity flaw in its Software Guard Extensions ( SGX ) platform and software , which help application developers to protect select code and data from disclosure or modification . “ Multiple potential security vulnerabilities in Intel SGX SDK and Intel SGX Platform Software may allow escalation of privilege or information disclosure , ” said Vulnerability-related.DiscoverVulnerability Intel . The high-severity flaw in SGX ( CVE-2018-18098 ) has a CVSS score of 7.5 and could allow an attacker with local access to gain escalated privileges . The vulnerability is rooted in Vulnerability-related.DiscoverVulnerability improper file verification in the install routine for Intel ’ s SGX SDK and Platform Software for Windows before 2.2.100 . It was discovered Vulnerability-related.DiscoverVulnerability by researcher Saif Allah ben Massaoud . Another vulnerability in the platform ( CVE-2018-12155 ) is only medium in severity , but could allow an unprivileged user to cause information disclosure via local access . That ’ s due to data leakage Attack.Databreach in the cryptographic libraries of the SGX platform ’ s Integrated Performance Primitives , a function that provides developers with building blocks for image and data processing . And finally , a medium escalation of privilege vulnerability in Intel ’ s SSD data-center tool for Windows has been patched Vulnerability-related.PatchVulnerability . “ Improper directory permissions in the installer for the Intel SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access , ” said Vulnerability-related.DiscoverVulnerability Intel ’ s update . The company recommends users update to v3.0.17 or later . Intel ’ s patch comes Vulnerability-related.PatchVulnerability during a busy patch Tuesday week , which includes fixes from Adobe and Microsoft .

The Internet Systems Consortium patched Vulnerability-related.PatchVulnerability the BIND domain name system this week , addressing Vulnerability-related.PatchVulnerability a remotely exploitable vulnerability it considers high severity and said could lead to a crash . The issue affects Vulnerability-related.DiscoverVulnerability servers that use both the DNS64 and RPZ function simultaneously . DNS64 is a mechanism for synthesizing AAAA records from A records . It ’ s traditionally used to allow IPv6-only clients to receive IPv6 addresses proxied to IPv4 addresses . The RPZ mechanism is used by Domain Name System recursive resolvers to allow for the customized handling of the resolution of collections of domain name information . Versions 9.8.8 , 9.9.3-S1 , 9.9.3 , 9.9.10b1 , 9.10.0 , and 9.10.5b1 , 9.11.0 are all considered vulnerable Vulnerability-related.DiscoverVulnerability , according to the ISC . When servers use both mechanisms simultaneously , a vulnerability ( CVE-2017-3135 ) that stems from query processing could result in an inconsistent state , triggering either an INSIST assertion failure or an attempt to read through a NULL pointer , according to a security advisory published Vulnerability-related.DiscoverVulnerability Wednesday . The INSIST assertion failure could lead to a subsequent abort , ISC said , while the NULL pointer in some instances can lead to a segmentation fault , which causes the process to be terminated . Ramesh Damodaran and Aliaksandr Shubnik , engineers at Infoblox , a Silicon Valley firm that does DNS , DHCP and IP management , uncovered Vulnerability-related.DiscoverVulnerability the vulnerability and reported Vulnerability-related.DiscoverVulnerability it to the ISC . Damodaran previously helped identified Vulnerability-related.DiscoverVulnerability an unspecified packet processing remote denial of service vulnerability in BIND 9 . The Internet Systems Consortium patched Vulnerability-related.PatchVulnerability the BIND domain name system this week , addressing Vulnerability-related.PatchVulnerability what it calls a critical error condition in the software . Researchers find industrial control system malware similar to BlackEnergy , Havex , and Stuxnet going undetected on Google VirusTotal for years . The Internet Systems Consortium ( ISC ) announced it is planning to patch Vulnerability-related.PatchVulnerability versions of its DHCP to mitigate Vulnerability-related.PatchVulnerability a denial of service vulnerability .

The list of tested apps includes MyPasswords , Informaticore , LastPass , Keeper , F-Secure Key , Dashlane , Hide Pictures Keep Safe Vault , Avast Passwords , and 1Password . All tested apps were installed on at least 500,000 devices , with some apps having millions of users . The research team says Vulnerability-related.DiscoverVulnerability these apps featured Vulnerability-related.DiscoverVulnerability different kinds of security flaws , listed below : `` The overall results were extremely worrying and revealed Vulnerability-related.DiscoverVulnerability that password manager applications , despite their claims , do not provide enough protection mechanisms for the stored passwords and credentials , '' the research team concluded Vulnerability-related.DiscoverVulnerability . `` Instead , they abuse the users ' confidence and expose them to high risks . '' In total , security researchers found Vulnerability-related.DiscoverVulnerability 26 security bugs , ranging from low to critical-level issues . The research team went public with their findings at the start of the week . Initially , app makers fixed Vulnerability-related.PatchVulnerability 23 of the 26 flaws , with Avast still lagging behind on three issues . Nevertheless , by March 1 , Avast had also patched Vulnerability-related.PatchVulnerability its product , and now users can update Vulnerability-related.PatchVulnerability to the applications ' latest versions to mitigate Vulnerability-related.PatchVulnerability all issues discovered Vulnerability-related.DiscoverVulnerability during the research . The research team 's name is TeamSIK ( Security Is Key ) , made up of several security professionals from the Fraunhofer Institute for Secure Information Technology in Darmstadt , Germany . Vulnerability reports Vulnerability-related.DiscoverVulnerability for most of the found issues are available on TeamSIK 's project homepage