- Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities
Samba is a free software re-implementation of the SMB/CIFS networking protocol, and was originally developed by Andrew Tridgell. Samba maintainers have just released new versions of their networking software to patch two critical vulnerabilities that could allow unprivileged remote attackers to launch DOS attacks against servers and change any other users’ passwords, including admin’s. According to the research, the denial of service vulnerability, assigned CVE-2018-1050, affects all versions of Samba from 4.0.0 onwards, and could be exploited “when the RPC spoolss service is configured to be run as an external daemon.” The second vulnerability, assigned CVE-2018-1057, allows unprivileged authenticated users to change any other users’ passwords, including admin users, over LDAP. The password reset flaw exists on all versions of Samba from 4.0.0 onwards, but it works only in Samba Active Directory DC implementation, as it doesn’t properly validate permissions of users when they request to modify passwords over LDAP.
Cyber Security Tips: Users and administrators are strongly recommended that update your samba server as soon as possible.
- 13 Critical Flaws Discovered in AMD Ryzen and EPYC Processors
Previously Spectre/Meltdown vulnerabilities targeted thousands of systems. According to the latest report, Security researchers claimed to have discovered 13 critical vulnerabilities throughout AMD’s Ryzen and EPYC lines of processors that could allow attackers to access sensitive data, install persistent malware inside the chip, and gain full access to the compromised systems. The vulnerabilities are reside in the secure part of the AMD’s Zen architecture processors and chipsets where device stores sensitive information such as passwords and encryption keys and makes sure nothing malicious is running when you start your PC. The alleged vulnerabilities are categorized into four classes—RYZENFALL, FALLOUT, CHIMERA, and MASTERKEY—and threaten wide-range of servers, workstations, and laptops running vulnerable AMD Ryzen, Ryzen Pro, Ryzen Mobile or EPYC processors. The researchers also claimed to have found two exploitable manufacturer backdoors inside Ryzen chipset that could allow attackers to inject malicious code inside the chip.
Cyber Security Tips: There is no solution available yet, users and administrators are strongly recommended that keep eye on companies statement and Contact AMD and ask for a prompt solution.
- CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows
The Credential Security Support Provider protocol (CredSSP) is a Security Support Provider that is implemented by using the Security Support Provider Interface (SSPI). CredSSP lets an application delegate the user’s credentials from the client to the target server for remote authentication. A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code. (CVE-2018-0886) is a logical cryptographic flaw in CredSSP that can be exploited by a man-in-the-middle attacker with Wi-Fi or physical access to the network to steal session authentication data and perform a Remote Procedure Call attack. When a client and server authenticate over RDP and WinRM connection protocols, a man-in-the-middle attacker can execute remote commands to compromise enterprise networks according to the news published by hacker news.
Cyber Security Tips: Users are recommended to patch their workstations and servers using available updates from the Microsoft and decrease the use of privileged account as much as possible and instead use non-privileged accounts whenever applicable.