March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – CVE-2019-6574 – Siemens SINAMICS PERFECT HARMONY GH180 Fieldbus Network Denial of Service Vulnerability
May 15, 2019
Rewterz Threat Advisory – CVE-2019-0708 Microsoft Remote Desktop Services Vulnerability
May 16, 2019
Rewterz Threat Advisory – CVE-2019-6574 – Siemens SINAMICS PERFECT HARMONY GH180 Fieldbus Network Denial of Service Vulnerability
May 15, 2019
Rewterz Threat Advisory – CVE-2019-0708 Microsoft Remote Desktop Services Vulnerability
May 16, 2019
Severity
Medium
Analysis Summary
Vulnerabilities have been reported known as ZombieLoad — or microarchitectural data sampling (MDS) as its technical name — which can leak sensitive data stored in the processor, such as passwords, secret keys and account tokens and private messages.
These CPU side channel issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) are a set of speculative execution side-channel vulnerabilities which potentially allow results from previous execution on a core to be observed across security boundaries via microarchitectural state, on certain Intel CPUs.
An attacker successfully exploiting these vulnerabilities could read sensitive data from other processes running on the system, breaking the isolation between processes provided by modern operating systems. If Chrome processes are attacked, these sensitive data could include website contents as well as passwords, credit card numbers, or cookies.
Impact
- Information Disclosure
- Security Bypass
Affected Vendors
- Amazon
- Apple
- Microsoft
- Mozilla
Remediation
The affected vendors are patching these vulnerabilities in their products as follows:
Mozilla:
“The macOS mitigation will be part of our upcoming Firefox release (67) and Extended Support Release update (60.7), both scheduled for May 21.”
Amazon:
All EC2 host infrastructure has been updated with these new protections, and no customer action is required at the infrastructure level.
Microsoft:
Microsoft is pushing many of the microcode updates itself through Windows Update, but they are also available from its website.
Apple
Apple has released security updates in macOS Mojave 10.14.5 to protect against speculative execution vulnerabilities in Intel CPUs.
(The flaws do not affect Apple iOS devices or Apple Watch)
Google:
Android devices aren’t affected but Intel-only devices will need to be patched once updates are available.
- Chrome OS:
Chrome OS has disabled Hyper-Threading on Chrome OS 74 and subsequent versions. This provides protection against attacks using MDS.
- macOS
macOS Mojave 10.14.5 includes MDS mitigations. These have been adopted by Chrome and will be included in Chrome 75.
- Windows
Windows users should apply updates with MDS mitigations as soon as they are available
- Linux
Linux users should apply kernel and CPU microcode updates as soon as they are available from their distribution vendor, and follow any guidance to adjust system settings.
- iOS
Apple iOS devices use CPUs not known to be vulnerable to MDS.
- Android
Only Intel-based systems need to be patched once updates are available.