Posts

iOS 8

Apple has released the latest version of its mobile OS on Wednesday, and in it has fixed over 50 vulnerabilities, many of which are very serious:
Two vulnerabilities allowed a local attacker to escalate privileges and install unverified (likely malicious) applications
A validation issue in the handling of update check responses allowed an attacker with a privileged network position to cause an iOS device to think that it is up to date even when it is not
Two vulnerabilities in CoreGraphics made it possible for a maliciously crafted PDF file to terminate apps or execute arbitrary code
Several vulnerabilities in the IOHIDFamily kernel extension made it posible for a malicious app to read kernel pointers, which can be used to bypass kernel address space layout randomization, or to execute arbitrary code with system privileges (the latter was also made possible by the existence of several IOKit bugs)
A Libnotify bug allowed a malicious application may be able to execute arbitrary code with root privileges
Two Safari vulnerabilities made it possible for attackers and websites to intercept or harvest user credentials
12 WebKit bugs could have been misused by attackers to execute arbitrary code on the device by simply creating a malicious website and tricking users into visiting it.
With iOS 8, Apple has also updated its certificate trust policy and has randomised the MAC address to prevent potential device tracking attacks via passive WiFi scans.

If you can, it’s a good idea to update to iOS 8, because all these bugs remain unpatched in all earlier version of the OS.

More information:
http://www.net-security.org/secworld.php?id=17378
http://support.apple.com/kb/HT6441

iOS 7.1 Update

Apple released an update to their iOS, 7.1.
This update contains a lot of security updates, so it’s recommended to update your devices as soon as possible.

More information:
http://support.apple.com/kb/HT6162

Apple security updates

Apple have released multiple critical security updates for iOS, OS X, Safari and Quicktime. These updates fixes critical issues with SSL traffic, so make sure you update as soon as possible.
The updates will push your iOS devices to 7.0.6, your OS X to 10.9.2, your Quicktime to 7.7.5 and Safari to 7.0.2 (included in the 10.9.2 version of OS X).

More information:
http://support.apple.com/kb/HT6150
http://support.apple.com/kb/HT6151
http://support.apple.com/kb/HT6145
http://support.apple.com/kb/HT6147

BF-SIRT Newsletter 2013-43

Anyone using Apple products needs to be sure to apply the latest updates that are now available, as per Apple security updates.
If you are using Cisco ASA for VPN then you can have a look at our post about that here.
WordPress also updated their software to 3.7, and it’s recommended to apply this.

Top 5 Security links
Group Leveraging Cutwail Spam Botnet Opts For “Magnitude” Over BlackHole Exploit
Hacker Group Claims To Have Looted $100k Via SQL Injection Attack
Doctors Disabled Wireless In Dick Cheney’s Pacemaker To Thwart Hacking
Dropbox Users Hit With Zeus Phishing Trojan
Cisco Says Controversial NIST Crypto ‘Not Invoked’ In Products

Top 5 Business Intelligence links
Universities Schooled By Malware
DARPA Slaps $2m On The Bar For The ULTIMATE Security Bug KILLER
Google Launches Project Shield To Defend Sites Against DDoS Attacks
UN Nuclear Regulator Infected With Malware
India Tops APAC Ransomware Table With $4 BILLION Losses

BF-SIRT Posts
WordPress 3.7 “Basie”
Cisco ASA VPN Denial of Service Vulnerability
Apple security updates

Apple security updates

Apple have released security updates for the following applications:
iTunes 11.1.2
Apple Remote Desktop 3.7
Apple Remote Desktop 3.5.4
Keynote 6.0
Safari 6.1

They have also released the following Operating System updates.
OS X Mavericks v10.9
OS X Server 3.0
iOS 7.0.3

These updates fixes more than a hundred security vulnerabilities, with many being labeled as critical, and it’s highly recommended to apply them as soon as possible!

iOS 7.0.2 – fixes lock screenvulnerability

iOS 7.0.2 is now available and addresses the following:

Passcode Lock
Available for: iPhone 4 and later
Impact: A person with physical access to the device may be able to
make calls to any number
Description: A NULL dereference existed in the lock screen which
would cause it to restart if the emergency call button was tapped
repeatedly. While the lock screen was restarting, the call dialer
could not get the lock screen state and assumed the device was
unlocked, and so allowed non-emergency numbers to be dialed. This
issue was addressed by avoiding the NULL dereference.
CVE-ID
CVE-2013-5160 : Karam Daoud of PART – Marketing & Business
Development, Andrew Chung, Mariusz Rysz

Passcode Lock
Available for: iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to the device may be able to
see recently used apps, see, edit, and share photos
Description: The list of apps you opened could be accessed during
some transitions while the device was locked, and the Camera app
could be opened while the device was locked.
CVE-ID
CVE-2013-5161 : videosdebarraquito

This update is available through iTunes and Software Update on your iOS device.

Apple Security Updates for OS X Mountain Lion and Safari

APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update
2013-004

OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available, and it’s recommended to update as soon as possible!
This update solves multiple critical security issues such as cross-site scripting, Denial of Service and Arbitrary code execution for multiple applications.

More information: http://support.apple.com/kb/HT1222

Apple Security Update 2013-003

Apple have released security update 2013-003 for OS X.
This update fixes three issues with QuickTime where playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.

More information: http://support.apple.com/kb/HT5806

Apple OS X – Java 2013-003 1.0 and Safari 6.0.4

Apple have released updates for Java and Safari. These are security updates, so users are advised to update as soon as possible by going to “Software Update”.

More information:
http://support.apple.com/kb/HT5682
http://support.apple.com/kb/HT5678