Tag Archives: security

PC vendors scramble as Intel reveals major vulnerability in PC firmware

By Sean Gallagher

All the Cores are affected by a major vulnerability in management firmware—as are Xeon servers and Atom, Celeron and Pentium devices. (credit: Intel)

Intel has issued a security alert that management firmware on a number of recent PC, server, and Internet-of-Things processor platforms is vulnerable to remote attack. Using the vulnerabilities, the most severe of which was uncovered by Mark Ermolov and Maxim Goryachy of Positive Technologies Research, remote attackers could launch commands on a host of Intel-based computers, including laptops and desktops shipped with Intel Core processors since 2015. They could gain access to privileged system information, and millions of computers could essentially be taken over as a result of the bug.

The company has posted a detection tool on its support website for Windows and Linux to help identify systems that are vulnerable. In the security alert, members of Intel’s security team stated that “in response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.”

Four vulnerabilities were discovered that affect Intel Management Engine firmware versions 11.0 through 11.20. Two were found in earlier versions of ME, as well as two in Server Platform Services version 4.0 firmware and two in TXE version 3.0.

Source: Ars Technica


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or you could get your own free WordPress site for free right now, here.

An alarming number of sites employ privacy-invading session replay scripts

By Dan Goodin

If you have the uncomfortable sense someone is looking over your shoulder as you surf the Web, you’re not being paranoid. A new study finds hundreds of sites—including microsoft.com, adobe.com, and godaddy.com—employ scripts that record visitors’ keystrokes, mouse movements, and scrolling behavior in real time, even before the input is submitted or is later deleted.

Session replay scripts are provided by third-party analytics services that are designed to help site operators better understand how visitors interact with their Web properties and identify specific pages that are confusing or broken. As their name implies, the scripts allow the operators to re-enact individual browsing sessions. Each click, input, and scroll can be recorded and later played back.

A study published last week reported that 482 of the 50,000 most trafficked websites employ such scripts, usually with no clear disclosure. It’s not always easy to detect sites that employ such scripts. The actual number is almost certainly much higher, particularly among sites outside the top 50,000 that were studied.

Source: Ars Technica

Kind of makes you want to go to the sites mentioned and type nasty comments into the search boxes…after all, they shouldn’t be doing this, so they can’t complain about being offended. 🙂

Tim



Microsoft patches Equation Editor flaw without fixing the source code

By Peter Bright

When a company like Microsoft needs to fix a security flaw in one of its products, the process is normally straightforward: determine where the bug lies, change the program’s source code to fix the bug, and then recompile the program. But it looks like the company had to step outside this typical process for one of the flaws it patched this Tuesday. Instead of fixing the source code, it appears that the company’s developers made a series of careful changes directly to the buggy program’s executable file.

Bug CVE-2017-11882 is a buffer overflow in the ancient Equation Editor that comes with Office. The Equation Editor allocates a fixed-size piece of memory to hold a font name and then copies the font name from the equation file into this piece of memory. It doesn’t, however, check to ensure that the font name will fit into this piece of memory. When provided with a font name that’s too long, the Equation Editor overflows the buffer, corrupting its own memory, and an attacker can use this to execute arbitrary malicious code.

Normally the work to fix this would be to determine the length of the font name and create a buffer that’s big enough to hold it. It’s a simple enough change to make in source code. If that’s not possible—there are occasional situations where a buffer can’t easily be made bigger—then the next best solution is to limit the amount of data copied to it, truncating the font name if it’s too long to fit. Again, this is a simple change to make in the source code.

Source: Ars Technica



OnePlus engineering APK exposes backdoor to root access

By Ron Amadeo

A Twitter user by the name “Elliot Alderson” has discovered a root backdoor in OnePlus devices—one that has apparently been shipping for years. OnePlus has been shipping a Qualcomm engineering APK (an Android app file) in its devices, which, with a few commands, can root a device.

The app—called “EngineerMode”—is partially exposed to users through a secret “*#808#” dialer command, and you can also launch the full app through an Android activity launcher or the command line. The app contains production-line tests for various phone components, a root checker, and lots of information readouts. The important part, though, is a “DiagEnabled” activity with a method called “escalatedUp.” If this is set to “true,” the app will allow root access over Android Debug Bridge, Android’s command-line developer tools.

The method for gaining root is password protected, but the password lasted all of three hours once the method was discovered. With the help of David Weinstein and the NowSecure team, the group discovered the magic word is “angela,” which is possibly another Mr. Robot reference, just like the “Elliot Alderson” handle. (We swear this is real and not a Mr. Robot ARG.)

Source: Ars Technica



New Microsoft Word attacks infect PCs sans macros

By Dan Goodin

Fancy Bear, the advanced hacking group researchers say is tied to the Russian government, is actively exploiting a newly revived technique that gives attackers a stealthy means of infecting computers using Microsoft Office documents, security researchers said this week.

Fancy Bear is one of two Russian-sponsored hacking outfits researchers say breached Democratic National Committee networks ahead of last year’s presidential election. The group was recently caught sending a Word document that abuses a feature known as Dynamic Data Exchange. DDE allows a file to execute code stored in another file and allows applications to send updates as new data becomes available.

In a blog post published Tuesday, Trend Micro researchers said Fancy Bear was sending a document titled IsisAttackInNewYork.docx that abused the DDE feature. Once opened, the file connects to a control server to download a first-stage piece of malware called Seduploader and installs it on a target’s computer. DDE’s potential as an infection technique has been known for years, but a post published last month by security firm SensePost has revived interest in it. The post showed how DDE could be abused to install malware using Word files that went undetected by anti-virus programs.

Source: Ars Technica

