Tag Archive | Enterprise

VMware Security Update for DoS problem among vulnerabilities, kernel source code leaks

VMware, virtualization software manager, has issued a security update for its vSphere API. This resolves a denial-of-service problem in ESX and ESXi. The ESX is a bare metal hypervisor, capable of enterprise level environments, where it doesn’t need a 3rd party operating system to run. Also, quite a few security updates were issued as part of this update.

The patch affects the following releases: VMware ESXi 4.1 without patch ESXi410-201211401-SG and VMware ESX 4.1 without patches ESX410-201211401-SG, ESX410-201211402-SG, ESX410-201211405-SG, and ESX410-201211407-SG.

Read more about the advisory, plus details on how to update.

This security update comes after, just over a week ago, Anonymous hacker “Stun” leaked the source code of ESX. The leak was first found out with a Twitter update, followed by the torrent posted on 1337x.org.

“Which VMware has succeed to ignore and continue producing on same level like it’s buddy Symantec did. Bullshitting people and selling crap. But it’s time for Anonymous finally to deliver,” said “Stun”.

Iain Mulholland, director of platform security for VMware, commented on the story:

It is possible that more related files will be posted in the future. We take customer security seriously and have engaged our VMware Security Response Center to thoroughly investigate.

Ensuring customer security is our top priority. As a matter of best practices with respect to security, VMware strongly encourages all customers to apply the latest product updates and security patches made available for their specific environment.

This also apparently is linked back to an April 2012 incident, where information was leaked also.

The kernel is apparently dated back to between 1998-2004, the years of which the kernel for VMware products was developed.

Users are encouraged to update their products with the latest product updates and security patches.

Windows 8 Security Features Explained (mini-whitepaper)

Windows 8 is apparently more secure than Windows 7. Perhaps this is true, and it is best to learn what security features there are for the new operating system. Some of these security features are verified to help out very well in the security of Windows 8, and some may not be in time, or lastly some may not work at all.

One of the most discussed security features is Secure Boot. Now, Secure Boot is a Unified Extensible Firmware Interface (UEFI) specified in the boot process to check cryptographic signatures of kernel-mode drivers, making sure they aren’t modified or corrupted. In other words, the boot process is now made to check if the operating system has been corrupted by malware or some other issue.

This is all part of a hardware restriction process called Hardware DRM. All non-ARM devices have the option to turn Secure Boot off, however ARM devices must keep it on. Experts state that it will be resistant to rootkits, since the MBR and BIOS cannot be accessed, unless if someone working on the computer penetrates it.

Next, Windows 8 features better built in antivirus software, with a much better improved Windows Defender. The software in Windows 8 is combined with the optional tool Microsoft Security Essentials. Now, with Windows Defender super-powered with MSE, it has much more anti-malware features.

With better anti-malware features, Internet Explorer is now made with better features as well. It has the ability to prevent zero-day exploits much greater than previous versions of Internet Explorer. With the challenges of exploiting Windows 7, there was the issue risen up again for Java and Flash Player, so hackers can gain control over the operating system. Those browser plugins are now easier to exploit than the Internet Explorer’s code.

A new application sandboxing environment called AppContainer provides the ability to run all apps in a controlled environment, where it controls how apps work. This prevents apps from disrupting the operating system. Of course, this is just supplemented by Internet Explorer’s SmartScreen filter, which prevents the download/install of known malicious software. However, Windows 8 now has SmartScreen available for any app, allowing even more prevention. Of course, this means Microsoft employees are going to increase in numbers, if they really want to keep up. Now that hackers know their new challenges, they will be relentless.

The questions are still played on whether Windows 8 will be a repeat of Vista or not. The reality of the situation, is if Windows 8 has big popularity, then the security issues will also light up big time. However, many will stick to Windows 7, so the security issues for Windows users are not close to be over. Feel free to take a look at related articles below for Symantec’s opinions, which aren’t too well on the new OS.

Added October 31, 2012: Trusted Platform Module, read more

Keep up with the latest security tips on our blog here. In addition, please donate to help us continue to write these awesome whitepapers.

%d bloggers like this: