Alfred's New Ramblings

Notable security vulnerabilities for 2018

In continuation of the 2017 post on vulnerabilities, the new year started with a big security bang.

  1. Meltdown, affects mainly Intel and some ARM CPUs.  AMD is unknown.
    Spectre, affects all types of CPUs.
    This is as bad as it can get. The root cause comes from speculative execution found in various microprocessors as a way to beat the  superpipelined architecture.
    https://meltdownattack.com/
  2. Cisco Smart Install, 20180409 Just turn off that thing if is not in use.  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180409-smi
  3. Apache Struts 2.0, Remote Code Execution , 20180822  https://www.bleepingcomputer.com/news/security/active-attacks-detected-using-apache-struts-vulnerability-cve-2018-11776/
  4. Facebook SSO – Facebook signon tokens were exposed and all websites using Facebook SSO are vulnerable. link  A in-depth examination here. link

Edit:

30 Aug 18 – Added Smart Install and Apache Struts

2 Oct 18-  Added Facebook

Related posts:

  1. OnePlus 3T with LineageOS
  2. Table of Contents for EPUB
  3. Substratum theme engine
  4. Mi Mix 2S
Tagged on:
By AL | January 8, 2018 | Security, Work | No Comments |



Leave a Reply

Your email address will not be published. Required fields are marked *