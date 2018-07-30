Security: Symantec TLS Certificates, Automating Kernel Exploitation, Initial SpectreRSB Support
Update on the Distrust of Symantec TLS Certificates
Firefox 60 (the current release) displays an “untrusted connection” error for any website using a TLS/SSL certificate issued before June 1, 2016 that chains up to a Symantec root certificate. This is part of the consensus proposal for removing trust in Symantec TLS certificates that Mozilla adopted in 2017. This proposal was also adopted by the Google Chrome team, and more recently Apple announced their plan to distrust Symantec TLS certificates. As previously stated, DigiCert’s acquisition of Symantec’s Certification Authority has not changed these plans.
In early March when we last blogged on this topic, roughly 1% of websites were broken in Firefox 60 due to the change described above. Just before the release of Firefox 60 on May 9, 2018, less than 0.15% of websites were impacted – a major improvement in just a few months’ time.
Automating Kernel Exploitation for Better Flaw Remediation
Black Hat researchers plan on open sourcing a new framework they say can help organizations get a better rein on vulnerability fixes for kernel bugs.
The explosive disclosure of the Spectre and Meltdown vulnerabilities were like a detonator on the already incendiary field of kernel vulnerabilities this year. Security researchers had previously been ramping up their exploration of kernel bugs, but this year the discoveries have mushroomed considerably.
Initial SpectreRSB Support Queued For Merging Into The Mainline Linux Kernel
Last week "SpectreRSB" was detailed as a new Spectre Variant Two like attack affecting modern processors. A Linux kernel patch was quick to materialize and now it's been staged for merging soon into the mainline Linux kernel.
Spectre Return Stack Buffer is just one of the newest speculative execution vulnerabilities affecting at least Intel CPUs. Researchers at the University of California were able to exploit SpectreRSB into leaking private data protected by Intel SGX (Software Guard Extensions) and that these return stack buffer attacks could be process-process or even inter-VM.
