Tag Archives: GPU

November 2018 Update Summary

Yesterday Microsoft and Adobe published their routine monthly updates resolving 62 and 3 vulnerabilities (more formally known as CVEs (defined)) respectively. More information is available from Microsoft’s monthly summary page and Adobe’s blog post.

Microsoft’s updates also come with a list of Known Issues that will be resolved in future updates. They are listed below for your reference:

KB4467691

KB4467696

KB4467686

KB4467702 (file type association issue to be resolved later in November 2018)

KB4467107

As summarized above, Adobe issued 3 updates for the following products:

Adobe Acrobat and Reader: Priority 1: Resolves 1x Important CVE (see also this page for a Windows 10 additional mitigation)

Adobe Flash Player: Priority 2: Resolves 1x Important CVE

Adobe Photoshop CC: Priority 3: Resolves 1x Important CVE

As per standard practice, if you use any of the above Adobe software, please update it as soon as possible, especially in the case of Acrobat DC and Reader DC, due to the public proof of concept code released.

You can monitor the availability of security updates for most of your software from the following websites (among others) or use one of the utilities presented on this page:

====================
US Computer Emergency Readiness Team (CERT) (please see the “Information on Security Updates” heading of the “Protecting Your PC” page):

https://www.us-cert.gov/

A further useful source of update related information is the Calendar of Updates.

News/announcements of updates in the categories of General Software, Security Software and Utilities are available on their website. The news/announcements are very timely and (almost always) contain useful direct download links as well as the changes/improvements made by those updates (where possible).

If you like and use it, please also consider supporting that entirely volunteer run website by donating.

====================
For this month’s Microsoft updates, I will prioritize the order of installation below:
====================
Microsoft Edge and Internet Explorer (multiple versions of Edge and IE affected)

Windows Kernel (a zero day (defined) vulnerability in Windows Server 2008, Server 2008 R2 and Windows 7)

Microsoft Dynamics 365

Windows Deployment Services (if used within your organization)

Microsoft Office (11x CVEs + 3x further CVEs in Office SharePoint)

Windows VBScript

Microsoft Graphics Component

Microsoft Bitlocker

====================
Please install the remaining updates at your earliest convenience.

As usual, I would recommend backing up the data on any device for which you are installing updates to prevent data loss in the rare event that any update causes unexpected issues. I have provided further details of updates available for other commonly used applications below.

Please find below summaries of other notable updates released this month.

Thank you.

=======================
Nvidia Graphics Drivers:
=======================
A low severity vulnerability (this is a local rather than a remotely exploitable vulnerability) with a CVSS V3 (defined) base score of 2.2 has been found within Nvidia’s graphics card drivers (defined). At the time of writing no fix is yet available, but Nvidia will address it in a future driver release. Please monitor their security advisory for further updates.

WPA2 Cracking Simplified By New Research

It has only been approximately nine months since the last vulnerability disclosure regarding WPA2 wireless encryption, and we have another disclosure. Jens “atom” Steube, the developer of the well-known password cracking application Hashcat, has detailed how to more easily retrieve and crack the Pairwise Master Key Identifier (PMKID) (defined).

Why should this vulnerability be considered important?
Previous vulnerability disclosures required the attacker to capture wireless traffic and wait until they recorded a full authentication handshake. This newer disclosure requires only a single frame (defined), which the attacker can obtain on demand by attempting to access the WiFi network. The PMKID is then cracked (using a brute force attack (defined)) to obtain the wireless encryption key (the Pre-Shared Key (PSK)). This vulnerability allows the attacker to begin a brute force attack much more easily than before.

To confirm that both the router and the client device know the PSK, a PMK is used and is thus a normal part of the 4-way handshake used with WPA2. According to Jens Steube, this new vulnerability will work against routers using 802.11i/p/q/r while roaming is enabled.

Further technical details of this vulnerability are as follows:
The PMKID is contained within the RSN IE (Robust Security Network Information Element) field of an EAPOL (defined) frame. How the PMKID is generated is described in more detail in Steube’s post.

The MAC address (defined) of the wireless access point can be determined by the attacker, allowing them to know the manufacturer of the device they are attacking. This allows them to pre-generate patterns and pass them into the Hashcat tool, speeding up the attack. A PSK of 10 characters in length will take about 8 days to crack using a 4 GPU (defined) system.
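As an added example (not from the original post or from Steube’s write-up), the following Python code checks the Key Data field of an EAPOL-Key message 1 captured from your own access point for a PMKID, which tells you whether the router is exposed to the issue described above. It assumes the IEEE 802.11 key data encapsulation (element ID 0xdd, length 0x14, OUI 00-0F-AC, data type 4, then the 16-byte PMKID); the function names and sample bytes are constructed for illustration.

```python
"""Audit helper: does an EAPOL-Key message 1 Key Data field carry a PMKID?"""

VENDOR_ELEMENT_ID = 0xDD                      # KDEs reuse the vendor-specific element ID
PMKID_OUI_TYPE = bytes.fromhex("000fac04")    # OUI 00-0F-AC, data type 4 = PMKID
PMKID_KDE_LEN = 20                            # 4 bytes OUI/type + 16 bytes PMKID


def iter_elements(key_data: bytes):
    """Yield (element_id, body) for each TLV element in the Key Data field."""
    pos = 0
    while pos + 2 <= len(key_data):
        elem_id, length = key_data[pos], key_data[pos + 1]
        body = key_data[pos + 2 : pos + 2 + length]
        if len(body) < length:    # truncated capture: stop rather than misparse
            return
        yield elem_id, body
        pos += 2 + length


def find_pmkid(key_data: bytes):
    """Return the 16-byte PMKID if a PMKID KDE is present, else None."""
    for elem_id, body in iter_elements(key_data):
        if (elem_id == VENDOR_ELEMENT_ID and len(body) == PMKID_KDE_LEN
                and body[:4] == PMKID_OUI_TYPE):
            return body[4:]
    return None


def assess(key_data: bytes) -> str:
    """Classify what the access point revealed in message 1."""
    pmkid = find_pmkid(key_data)
    if pmkid is None:
        return "no PMKID sent"
    if pmkid == bytes(16):
        return "PMKID present but all zero"
    return "PMKID exposed: PSK strength is the only protection"


# Constructed sample Key Data fields (not taken from a real capture).
SAMPLE_EXPOSED = bytes.fromhex("dd14000fac04" + "a1b2c3d4e5f60718293a4b5c6d7e8f90")
SAMPLE_ZEROED = bytes.fromhex("dd14000fac04" + "00" * 16)
SAMPLE_MIXED = bytes.fromhex("dd050050f20401") + SAMPLE_EXPOSED  # other element first
SAMPLE_TRUNCATED = bytes.fromhex("dd14000fac04a1b2")

if __name__ == "__main__":
    for name, kd in [("exposed", SAMPLE_EXPOSED), ("zeroed", SAMPLE_ZEROED),
                     ("mixed", SAMPLE_MIXED), ("truncated", SAMPLE_TRUNCATED),
                     ("empty", b"")]:
        print(f"{name:10s} -> {assess(kd)}")
```

If the result is “PMKID exposed”, the PSK length guidance in the next section is what determines how long the key survives.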

How can I protect myself from this vulnerability?
Steube recommends using a password manager to generate a PSK of 20 to 30 characters in length. For your information, the PSK used by my router has been for many years 64 characters long. While it makes entering this into a device a real pain (however I don’t do this often), it makes the router more secure against an attack such as this. Moreover, I use shorter temporary guest passwords for friends’ devices (it also prevents them accessing my true intranet).

You can also make the attacker’s work harder by employing WPA2-Enterprise (rather than the more regular WPA2-AES). WPA3 is not thought to be vulnerable to this method of attack.

Thank you.