Security News

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]
2022-12-15 19:10

Microsoft now has an advisory out that's blaming rogue partners. The problem with certified kernel drivers, of course, is because they have to be signed by Microsoft, and because driver signing is compulsory on Windows, it means that if you can get your kernel driver signed, you don't need hacks or vulnerabilities or exploits to be able to load one as part of a cyberattack.

Apple patches actively exploited iPhone, iPad kernel vulns
2022-10-31 07:32

In brief Apple has patched an iOS and iPad OS vulnerability that's already been exploited. Apple issued patches for iOS 16.1 and iPad OS 16, to address this and 19 other vulnerabilities.

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!
2022-10-25 18:03

The "Clear-and-present danger" prize goes to iOS and iPadOS, which get updated to version 16.1 and 16 respectively, where one of the listed security vulnerabilities allows kernel code execution from any app, and is already actively being exploited. As you might have assumed, given that the release of Ventura takes macOS to version 13, three-versions-ago macOS 10 Catalina doesn't appear in the list this time.

Linux Kernel 5.19.12 bug could damage Intel laptop displays
2022-10-06 15:07

Linux users have reported seeing weird white flashes and rapid blinking on their Intel laptop displays after upgrading to Linux kernel version 5.19.12, leading to warnings that the bug may damage displays. Besides being a visual annoyance, the unexpected screen flickering prevents users from doing anything on their systems, and Intel Linux kernel engineer Ville Syrjälä warns that it could also damage the display.

Windows 11 22H2 adds kernel exploit protection to security baseline
2022-09-20 21:20

Microsoft has released the final version of security configuration baseline settings for Windows 11, version 22H2, downloadable today using the Microsoft Security Compliance Toolkit. While the new baseline adds extra defenses focusing on multiple areas, the highlight of the latest Windows 11 security baseline is the addition of Kernel Mode Hardware-enforced Stack Protection that provides additional hardware-level protection for kernel code against malware threats.

Retbleed slugs VM performance by up to 70 percent in kernel 5.19
2022-09-12 01:29

VMware engineers have tested the Linux kernel's fix for the Retbleed speculative execution bug, and report it can impact compute performance by a whopping 70 percent. In a post to the Linux Kernel Mailing List titled "Performance Regression in Linux Kernel 5.19", VMware performance engineering staffer Manikandan Jagatheesan reports the virtualization giant's internal testing found that running Linux VMs on the ESXi hypervisor using version 5.19 of the Linux kernel saw compute performance dip by up to 70 percent when using single vCPU, networking fall by 30 percent and storage performance dip by up to 13 percent.

"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
2022-08-22 13:05

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "As nasty as Dirty Pipe." "DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege," researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing noted.

Apple patches double zero-day in browser and kernel – update now!
2022-08-18 19:33

Apple just pushed out an emergency update for two zero-day bugs that are apparently actively being exploited. There's a remote code execution hole dubbed CVE-2022-32893 in Apple's browser and HTML rendering software, by means of which a booby-trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted software code.

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see…
2022-08-10 18:59

What is an APIC, and why do I need it? How can you have data that even the kernel can't peek at? What causes this epic failure in APIC? Does the ÆPIC Leak affect me? What to do about it?

Kali Linux 2022.3 adds 5 new tools, updates Linux kernel, and more
2022-08-09 19:23

Offensive Security has released Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support. With this release, Kali Linux is using Linux Kernel 5.18.5.