Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha
November 18, 2018
Latest Cyber News, Help & Advice

Advertisement 

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

Operating Systems Hit By Major Security Flaw

Written by  Carl Perkins - Technical Specialist May 10, 2018

Most major operating systems are vulnerable to a “serious” security bug caused by developers’ misinterpretation of documentation on debugging features in Intel and AMD chips.

The problem is unusual in its scale, affecting Windows, Apple’s macOS, most major Linux distributions, FreeBSD, and virtualisation products from VMware, Xen and KVM.

The bug could be exploited in different ways depending on the platform involved, with attackers able in some cases to gain access to sensitive memory information or take control of low-level operating system functions, according to CERT.

Microsoft said that an attacker could exploit the bug in Windows to run malicious code in kernel mode.

security and privacy

System takeover

“To exploit this vulnerability, an attacker would first have to log on to the system,” Microsoft warned in an advisory. “An attacker could then run a specially-crafted application to take control of an affected system.”

VMware said its hypervisors aren’t affected but other products may be, including VMware vCenter Server, VMware Data Protection and VMware vSphere Integrated Containers.

The Xen project said all versions of Xen are affected, but said the bug can only be exploited by guests using paravirtualisation. The issue can’t be exploited on systems using hardware-assisted virtualisation.

KVM said an unprivileged user could exploit the bug to crash a guest operating system or potentially escalate their privileges within the guest.

CERT said operating system makers had apparently made programming mistakes due to their interpretation of “potentially unclear existing documentation” and guidance on the use of debug functions.

The affected software makers have released patches, with links available via CERT’s advisory.

Advertisement 

‘Unexpected behaviour’

The interrupt/exception instructions in question are MOV to SS and POP to SS, CERT said.

The way these instructions are handled by various operating systems “may result in unexpected behaviour”, CERT said.

In certain circumstances the result “may allow an attacker to utilise operating system APIs to gain access to sensitive memory information or control low-level operating system functions,” CERT said, adding that “an authenticated attacker may be able to read sensitive data in memory or control low-level operating system functions”.

The researchers who discovered the flaw said the implications were worse for software running on AMD chips.

“It seems, in a way, that this is just a giant oversight,” wrote Nick Peterson of Everdox Tech and Emanja Mulasmajic of Triplefault.io in their paper on the issue.

They said they expect Intel and AMD to update their instruction specifications to make a clear note of the “edge case” involved in the problem, and in fact Intel this week released updated software developer manuals with modifications related to interrupt instructions.

CERT said it does not expect performance slowdowns to result from applying updates to fix the problem.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Latest

The Never Ending Password Conundrum

Oct 27, 2018 Cyber News

The Never Ending Password Conundrum

Earlier this month, the State of California made headlines by passing legislation that will require hardware manufactu...

Advertisement 

  1. Popular
  2. Trending
  3. Comments

Calendar

« November 2018 »
Mon Tue Wed Thu Fri Sat Sun
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30    

Advertisement 

Advertisement