Microsoft Urges Azure Customers to Patch Exim Worm

This situation is a great example of the importance of patch and firmware management.  Just because a system is hosted in the cloud does not mean that you are not responsible for part, if not all, of the patch and firmware oversight.  Pay close attention to your service level agreements and other cloud services documentation.

If you are using these particular Azure services from Microsoft, please review this content and patch accordingly.

https://www.infosecurity-magazine.com/news/microsoft-urges-azure-customers-to-1/

https://threatpost.com/microsoft-pushes-azure-users-to-patch-linux-systems/145749/

Adobe patches the same critical Reader flaw twice in one week

As the article author states, it has been an embarrassing few days for Adobe and their patch process.  Though we like to poke fun at Adobe and we often whine about the ongoing parade of vulnerabilities, do not get lulled into a state where patches are missed and systems are left vulnerable.  Please review your environment and patch accordingly.

https://nakedsecurity.sophos.com/2019/02/25/adobe-patches-the-same-critical-reader-flaw-twice-in-one-week/

Vulnerabilities Dip 7%, but Researchers Are Cautious

Though on its face this sounds like good news, a slight reduction in the number of reported and identified vulnerabilities does not really point to an improvement in the overall security of technology users.  In all honesty, I believe cybercriminals are more effectively leveraging existing vulnerabilities and taking advantage of the human element (phishing, adware, social engineering) to gain the access they desire.

https://www.darkreading.com/vulnerabilities---threats/vulnerabilities-dip-7--but-researchers-are-cautious/d/d-id/1333308

US DHS Slammed for Infosecurity Deficiencies

What a wonderful case of “Do as I say…not as I do”.  The realistic labor and cost implications of information security have eluded the federal government for far too long.  DHS clearly does not grasp practical IT management.  There is no sound argument as to why basic blocking and tackling has not been performed.  DHS has a huge target on its back.  It must lead this fight for US government agencies and not hide from it.

https://www.infosecurity-magazine.com/news/us-dhs-slammed-for-infosecurity/

Intel Says to Stop Applying Problematic Spectre, Meltdown Patch

Linus Torvalds and many others have come out in protest against the hasty and often flawed patching approach to the Meltdown and Spectre vulnerabilities.  It is good to see Intel pumping the brakes on this process and taking a closer look at the architectural needs associated with the correction of this flaw.

https://www.darkreading.com/vulnerabilities---threats/intel-says-to-stop-applying-problematic-spectre-meltdown-patch-/d/d-id/1330871

CPU Vulnerabilities – New Articles and Updates

More information came to light yesterday evening and overnight concerning the reported flaws in Intel and other processors.  I am including numerous links to multiple sources, but some of the key updates include:

  • There are actually two architectural vulnerabilities in play – Meltdown and Spectre
  • This is more than an Intel problem – AMD and ARM chips are also affected to various degrees
  • Microsoft has released an emergency out-of-band patch overnight that begins to address some of the vulnerabilities
  • There are still many unknowns as to the extent of impact that will come from patching and/or rearchitecting OS/chipset interactions

https://www.infosecurity-magazine.com/news/major-chip-flaws-confirmed/

https://www.darkreading.com/endpoint/critical-microprocessor-flaws-affect-nearly-every-machine/d/d-id/1330745

https://www.infosecurity-magazine.com/news/intel-flaw-performance-degradation/

https://threatpost.com/intel-in-security-hot-seat-over-serious-cpu-design-flaw/129289/

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel.html