//Week in review - 21 Sep 2018
AusCERT Week in Review for 21st September 2018
There were again numerous updates and patches released this week.
While Microsoft had its turn last week with Patch Tuesday, it seems that it was Apple’s turn this week.
Apple released a new version of iOS as well as fixes for Safari, Apple Watch and Apple TV.
Below is a summary (including excerpts) of some of the more interesting
stories we’ve seen this week:
—
Title: iOS 12 Patches Memory Bugs, Safari 12 Fixes Data Leaks
Date Published: 17-09-2018
URL:
https://www.bleepingcomputer.com/news/security/ios-12-patches-memory-bugs-safari-12-fixes-data-leaks/
Author: Ionut Ilascu
Excerpts:
“A new round of security updates is available from Apple, fixing bugs in Safari, watchOS, tvOS, and iOS.”
“Apple released its newest version of iOS today, and apart from adding a performance boost to older iPhone models, it also comes with solutions for security problems.”
—
Title: Hackers Mining Cryptos Using Leaked NSA Surveillance Tools, New Report Reveals
Date Published: 20-09-2018
URL:
Hackers Mining Cryptos Using Leaked NSA Surveillance Tools, New Report Reveals
Author: Steve Kaaru
Excerpt:
“The report revealed that cryptojacking incidences have spiked by over 450 percent in 2018, attributing the increased incidences to an NSA tool that was leaked in late 2017 which has been used by North Korean and Russian hackers in the past to infiltrate strategic targets. Now, the tool is being used to mine cryptos, and the hackers show no sign of slowing down with their lucrative venture.”
—
Title: Adobe releases patch out of schedule to squash critical code execution bug
Date Published: 20-09-2018
URL:
https://www.zdnet.com/article/adobe-releases-patch-out-of-schedule-to-squash-code-execution-bugs/
Author: Charlie Osborne
Excerpts:
“Adobe has released a patch out of the usual security update schedules to resolve a set of severe vulnerabilities in Adobe Acrobat and Reader.”
“Deemed critical, CVE-2018-12848 can lead to arbitrary code execution in the context of the current user if exploited by attackers.”
—
Title: Western Digital goes quiet on unpatched MyCloud flaw
Date Published: 20-09-2018
URL:
Author: John E Dunn
Excerpt:
“No admin password, nothing – just a simple CGI request to MyCloud’s web server and an attacker would be in via a local network”
—
Title: ICO Fines Equifax £500K After 2017 Breach
Date Published: 20-09-2018
URL:
https://www.infosecurity-magazine.com/news/ico-fines-equifax-500k-after-2017/
Author: Phil Muncaster
Excerpt:
“The Information Commissioner’s Office (ICO) has issued the maximum fine possible to Equifax in response to failings which led to a major 2017 breach.”
—
Here are a few of this week’s noteworthy security bulletins:
ESB-2018.2832 – ALERT [Win][Mac] Adobe Acrobat and Reader: Multiple vulnerabilities
https://www.auscert.org.au/bulletins/68614
Some recent Adobe Acrobat and Reader vulnerabilites to address.
ESB-2018.2824 – [SUSE] pango: Denial of service – Remote with user interaction
https://www.auscert.org.au/bulletins/68582
Denial of Service from parsing Emoji!
ESB-2018.2782 – [Apple iOS] Apple Support 2.4 for iOS: Access confidential data – Remote/unauthenticated
https://www.auscert.org.au/bulletins/68394
One of a number of Apple advisories released this week which included others for tvOS, watchOS and Safari.
ESB-2018.2807 – [Ubuntu] ghostscript: Multiple vulnerabilities
https://www.auscert.org.au/bulletins/68506
Many linux distros released ghostscript fixes this week addressing remote code execution, information disclosure and denial of service issues.
ASB-2018.0221 – [Linux] Multiple McAfee products: Denial of service – Remote/unauthenticated
https://www.auscert.org.au/bulletins/68534
Multiple McAfee products based on linux are affected by the kernel vulnerability know as “SegmentSmack” which allows remote attackers to cause a denial of service condition.
A list of products that were vulnerable, not-vulnerable and available patches and mitigations was released.
—
Stay safe, stay patched and have a good weekend!
Marcus.
