Application security, Identity and access, Incident response, Leadership, Remote access, Vulnerability management

Microsoft Patches 3 and Skips 1, Adobe Overflow, & Apple Sudo Fix – Wrap Up – SWN #100

On this week's news recap, Microsoft Remote Desktop Web Access Authentication Timing Attack, Multiple TCP/IP stack flaws could leave millions of devices open to attack, Adobe fixes a buffer overflow issue in Reader which is exploited in the wild, and Apple Patches Recent Sudo Vulnerability in macOS.

Full episode and show notes

Hosts

Doug White
Doug White
Professor at Roger Williams University
Matt Alderman
Matt Alderman
Executive Director at CyberRisk Alliance
  1. 1. Florida hack highlights security shortages in US water sector – CyberScoop - the attacker broke into the facility’s computer system through a remote software program known as TeamViewer, according to Pinellas County Sheriff Bob Gualtieri. Facility operators stopped using TeamViewer six months ago and weren’t aware the program was on their computers, Gualtieri told the Wall Street Journal. A plant operator discovered something was amiss when their computer mouse began moving across the screen.
  2. 2. Microsoft’s Remote Desktop Web Access Vulnerability — Raxis - A similar timing-based authentication vulnerability exists for the Outlook Web Application (OWA), that reveals valid usernames based on comparing the response times between authentication attempts using both valid and invalid usernames.
  3. 3. This old security vulnerability left millions of Internet of Things devices vulnerable to attacks
  4. 4. Patch Windows to avoid denial of service attacks: Microsoft - A workaround for the flaws involves setting Source Routing for IPv4 traffic, by using the Group Policy feature, or the NETSH command in a terminal window.
  5. 5. Adobe fixes a buffer overflow issue in Reader which is exploited in the wild - Adobe fixes a buffer overflow issue in Reader which is exploited in the wild
  6. 6. Apple Patches Recent Sudo Vulnerability in macOS - The security flaw could be abused to escalate privileges to root, even with default Sudo configurations. Qualys’ security researchers, who identified the bug, prompted users to apply available patches as soon as possible. The issue would expose systems to complete compromise, given that it could allow an attacker able to access a machine as a low-privileged user to gain root privileges. Sudo v1.9.5p2 resolves the vulnerability, and Apple has addressed the flaw by updating the tool to the patched version.
  7. 7. Qualys’ Philippe Courtot Takes Medical Leave; Interim CEO Named
prestitial ad