
Meltdown CPU security flaw


Spectre Still Haunts Microsoft and Intel


Living in the Shadow of Spectre

After fumbling their first attempt at patching the Spectre vulnerability, Microsoft has released Security Update 4078407.

According to their security advisory, “applying this update will enable the Spectre Variant 2 mitigation CVE-2017-5715 – ‘Branch target injection vulnerability.’”

Microsoft has released several stages of updates in an attempt to deal with Spectre. In March, Microsoft addressed Windows systems running on Intel Skylake, Coffee Lake, and Kaby Lake CPUs. They then followed up by releasing updates for Broadwell and Haswell processors, as well as updates for Windows 7 and Windows Server 2008 R2.

To ensure the security, and now stability, of devices with the affected processors, these updates need to be deployed.

Syxsense can simplify such a task. Our Patch Manager quickly identifies any device in need of updates. Then a maintenance window can be created to deploy the updates around business hours, avoiding any loss in productivity.

Don’t let the ghost of Spectre haunt your security. Start a trial of Syxsense today.


Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.


“Insane Garbage” Patches Disrupt Devices


Intel Warns of Faulty Meltdown and Spectre Patches

If you thought the Meltdown and Spectre threat had passed, Intel has some bad news: don’t install their updates!

In a statement released by Intel, their EVP Neil Shenoy stated: “We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment…they may introduce higher than expected reboots and other unpredictable system behavior.”

Users are not the only ones incredibly frustrated with Intel. Linus Torvalds, creator of Linux, expressed his displeasure with Intel.

“They do literally insane things. I really don’t want to see these garbage patches just mindlessly sent out. I think we need something better than this garbage.”

What You Should Do

The best approach, for now, is to monitor your systems with a comprehensive IT management solution. Keep an eye on the status of your environment by implementing a solution that can easily show you, through the console or reports, which devices are affected by these updates.

Syxsense has this capability, and more. Keep track of the status of your IT environment through detailed, easy to understand reports. If you decide you want to remove these disastrous patches, with Syxsense, you can roll them back in just a few clicks.

Find a better way to manage devices, start your trial with Syxsense.


Intel AMT Laptop Hack


Hacked Within a Minute

Intel is dominating the cybersecurity headlines again for the wrong reasons.

F-Secure, a Finland-based cybersecurity firm, has reported that its researchers discovered an easy manipulation of Intel Active Management Technology, or AMT, which bypasses the login processes. This behavior bug could allow anyone with physical access to your laptop to set up a backdoor in less than a minute.

It doesn’t require any code, nor does it appear as a noticeable change. With a short distraction or moment of inattention, your device could be set up as the gateway into the network it’s connected to.

The best way to mitigate this risk is to use a comprehensive management solution like Syxsense. CMS can manage any device, anytime, all from the cloud.

Within Syxsense, you can create queries to easily see selections of devices based on a multitude of criteria. For instance, if you wanted to see every Intel-based laptop within your environment, it would only take a few clicks to do just that.

The device health indicator icons show you, at a glance, which devices require updates. Because these are color coded, you can also quickly see the severity of the updates needed.

As soon as Syxsense has an update from Intel, you’ll see a notification within your console. These alerts ensure you know when new updates arrive. There’s a better way to manage your environment. Get started today.


January Patch Tuesday: Spectre Patch Challenges


Patch Priorities and Dealing with Spectre

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Known as Spectre, this flaw has been widely reported in the news over the past week. Should this be your number one priority?

Robert Brown, Director of Services for Verismic, says, “The vector analysis of the vulnerability shows the exploitability score to be 1.1 out of 10, which is the independently assigned score detailing the type, ease and requirements needed by both users, technology and ‘chance’ in order for this vulnerability to be exposed.

The CVSS v3 score of 5.6 means this is in the High severity rating (Critical being the highest level) which means given the evidence of this independent review, the patch is important, but this should not be as important as establishing a routine patching process for your company.”

Brown continued saying, “As of today, there are no known exploits in the wild impacting Intel, AMD and ARM devices. Please be clear, the software patches made available for operating systems, browsers and applications do not actually remove the vulnerability, they simply act as a bandage to reduce the likelihood an attacker will be successful.”

A real fix requires all CPU vendors to have kernels with countermeasures, such as microcode updates, in place. Intel said that it would issue its own microcode updates to address the issue. Other vendors have said they are providing similar countermeasures.

Microsoft Patches for CPU Flaws Break Windows

Computers with AMD processors, particularly older Athlon models, could potentially have issues where Windows is unable to start. Some users from the community have reported that after installing Microsoft’s update, the operating system freezes during boot when the Windows logo is displayed.

Robert Brown, Director of Services for Verismic, says, “Although we have not seen this issue ourselves, testing your patches before deployment is essential. If you need help with a patch management plan, please download our free patching advice, Avoiding Patch Tuesday.”


The Worst Passwords of 2017 Revealed

With everything in the news about Spectre and Meltdown, it seems less significant to discuss passwords. For the second year in a row, the most common password used in 2017 has been revealed as “123456.” Simple passwords are the easiest form of remote user authentication to exploit, exposing vulnerabilities within your environment and making identity theft and company espionage easier.

With this in mind, simple passwords can be made more secure with two-factor authentication like we use with Syxsense.

All login attempts require a randomly generated code via email or Google Authenticator before access to your systems is granted. However, we always recommend that our customers use a hardened password as an additional security precaution.


Patch Tuesday Release

Microsoft addressed 32 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft Exchange, Microsoft Excel, Microsoft PowerPoint, and Microsoft SharePoint. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

| Vendor Name | Title | Vendor Severity | Recommended |
|---|---|---|---|
| Microsoft | Security Update for Microsoft SharePoint Enterprise Server 2013 (KB4011579) | Critical | Yes |
| Microsoft | 2018-01 Security Update for Adobe Flash Player for Windows Server 2016 for x64-based Systems (KB4056887) | Critical | Yes |
| Microsoft | Security Update for Microsoft SharePoint Server 2010 (KB4011609) | Critical | Yes |
| Microsoft | 2018-01 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4056892) | Critical | Yes |
| Microsoft | 2018-01 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4056890) | Critical | Yes |
| Microsoft | 2018-01 Security Update for Adobe Flash Player for Windows Server 2016 for x64-based Systems (KB4056887) | Critical | Yes |
| Microsoft | 2018-01 Security Update for Adobe Flash Player for Windows Server 2012 R2 for x64-based Systems (KB4056887) | Moderate | Yes |
| Microsoft | 2018-01 Security Update for Adobe Flash Player for Windows Server 2012 for x64-based Systems (KB4056887) | Moderate | Yes |
| Microsoft | 2018-01 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 for x64 (KB4055272) | Important | |
| Microsoft | Security Update for Microsoft SharePoint Enterprise Server 2013 (KB4011599) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055532) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB4055532) | Important | |
| Microsoft | 2018-01 Security Only Update for .NET Framework 2.0 and 3.0 on Windows Server 2008 SP2 for Itanium-based Systems (KB4055272) | Important | |
| Microsoft | 2018-01 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 (KB4055272) | Important | |
| Microsoft | 2018-01 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4055271) | Important | |
| Microsoft | 2018-01 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4055270) | Important | |
| Microsoft | 2018-01 Security Only Update for .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-based Systems (KB4055269) | Important | |
| Microsoft | 2018-01 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055269) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 (KB4055267) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 2.0 and 3.0 on Windows Server 2008 SP2 for Itanium-based Systems (KB4055267) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 for x64 (KB4055267) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4055266) | Important | |
| Microsoft | 2018-01 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4055265) | Important | |
| Microsoft | Security Update for 2010 Microsoft Business Productivity Servers (KB3114998) | Important | |
| Microsoft | Security Update for Microsoft Office 2007 suites (KB4011201) | Important | |
| Microsoft | Security Update for Microsoft Office 2007 suites (KB4011656) | Important | |
| Microsoft | Security Update for Microsoft Office 2010 (KB4011610) 32-Bit Edition | Important | |
| Microsoft | Security Update for Microsoft Office 2010 (KB4011610) 64-Bit Edition | Important | |
| Microsoft | Security Update for Microsoft Office 2010 (KB4011611) 32-Bit Edition | Important | |
| Microsoft | Security Update for Microsoft Office 2010 (KB4011611) 64-Bit Edition | Important | |
| Microsoft | Security Update for Microsoft Office 2010 (KB4011658) 32-Bit Edition | Important | |
| Microsoft | Security Update for Microsoft Office 2010 (KB4011658) 64-Bit Edition | Important | |
| Microsoft | Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4011605) | Important | |
| Microsoft | Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4011607) | Important | |
| Microsoft | Security Update for Microsoft Office Excel 2007 (KB4011602) | Important | |
| Microsoft | Security Update for Microsoft Office Excel Viewer 2007 (KB4011606) | Important | |
| Microsoft | Security Update for Microsoft Office Outlook 2007 (KB4011213) | Important | |
| Microsoft | Security Update for Microsoft Office Word 2007 (KB4011657) | Important | |

CPU Meltdown: Emergency Patching For Every Device


Protect Yourself from the Worldwide ‘Meltdown’

Reports across the internet are confirming that every CPU since 1995, whether it’s Intel, AMD, ARM, or other, has a major security flaw.

According to Google’s Project Zero, and admissions by the CPU manufacturers themselves, there is an issue with how chips handle speculative execution, allowing access to passwords and other sensitive data without leaving a trace.

The two attack vectors that researchers are concerned about are Meltdown and Spectre. It is not entirely certain if security products can even detect these attacks. To be clear, there is no evidence of exploitation yet, but researchers are deeply worried. They pointed out that the attacks don’t leave any traces in traditional log files and they are unlikely to be detected by security products.

Attacks using this exploit can be launched against PCs, mobile devices, and servers. Any devices that have CPUs manufactured by Intel, AMD, and ARM are vulnerable, which, in short, is almost every CPU-based device in the world.

Developers are rushing to create updates that will close this vulnerability. It seems Windows and Mac have already slipped in updates that should help mitigate exposure to this vulnerability. But it is believed that Microsoft will release an update within their usual Patch Tuesday content, and that other companies will quickly follow.

We highly recommend Syxsense customers download the latest patch updates to their systems as soon as possible. The required updates are now available within our patch content.

If you aren’t already using Syxsense, ask yourself: Does my IT management tool give me access to the latest content? Does it provide the ability to distribute Microsoft and third-party updates? Can you scan and target Windows, Mac, and Linux devices?

With Syxsense, manage anything, anytime, all from the cloud. Start a trial today.
