Cyber Weekly Digest - Week #11

This week was full of vulnerabilities, with Intel, AMD and Microsoft all disclosing bugs, some of them critical and some unpatchable. Let's take a closer look at what happened.


1. Microsoft has released a new patch to address more than 100 security flaws in its various Windows OS and software, 26 of which described as "Critical". It's important to note that one of the most severe vulnerabilities that was disclosed on Tuesday but not patched until Friday. "Buffer Overflow in SMBV3" or "CVE-2020-0796" can, if exploited, allow an unauthenticated, remote attacker to execute arbitrary code within the context of the application. This means that it requires no user interaction and could be made into wormable malware like WannaCry. We advise users to download all updates via Windows Update to make sure their Operating System is appropriately secure.


2. Researchers have published a paper disclosing security flaws in AMD chips that can potentially allow the extraction of data from the CPU thought a side-channel attack. AMD addressed this by saying that the vulnerability is not significant and that is already protected by previous patches, the researchers disagree. Although the vulnerability can result in the leak of some metadata, it is undoubtedly not as severe as the "Zombieland" and "Meltdown", some of the most infamous vulnerabilities on Intel chips, which leak tons of actual data.


3. Speaking of CPU vulnerabilities, an unpatchable vulnerability that can potentially allow hackers to compromise almost all hardware-enabled security technology has been found in all Intel processors released in the past 5 years. Called "CVE-2019-0090" the vulnerability resides in a component on the Read-Only-Memory (ROM) and cannot be patched without replacing the silicon. According to researchers, only the 10th generation of Processors, Ice Pint chipsets and SoCs are not vulnerable to this issue.


4. Avast disables JavaScript engine on its antivirus because of a significant bug. The bug was discovered on an internal component of the Avast antivirus that analyses Javascript code for malware before allowing it to execute in browsers or email clients. Someone exploiting this vulnerability can potentially install malware on an Avast user's device, bypassing any security control. It is crucial for people that have the Avast antivirus product to install the security patch addressing this issue as soon as it is released and until then be very cautious.


5. FBI has arrested a Russian national believed to be behind deer.io, a website advertising and selling hacked accounts and stolen user information. To verify that the service was selling real data, the FBI purchased more than 3000 hacked accounts and identified the data to be legitimate. The arrest took place in New York, and the suspect will face charges in a federal court.


6. As if the corona-virus panic wasn't enough, cybercriminals are trying to take advantage of this situation to spread malware on the public. Recently it was discovered that an interactive dashboard of Coronavirus infections is being used by malicious websites to spread password-stealing malware. We recommend that you are very careful with phishing emails, internet links that offer information about the recent outbreak and that you only get information from legitimate sources.

13 views