Tag Archives: Google Chrome

WizardOpium Exploit : Update Google Chrome ASAP!

Kaspersky recently discovered a Google Chrome zero day exploit that was being used in Operation WizardOpium.

Here are the full details, but the TLDR message is – make sure you update Google Chrome ASAP!

 

The WizardOpium Exploit : What Is It?

Kaspersky’s automated Exploit Prevention subsystem detected the exploit, which they dubbed WizardOpium. It used a zero day vulnerability that had hitherto not been known to developers.

 

The WizardOpium Exploit : How Does It Work?

The attacks, which Kaspersky called Operation WizardOpium, began with an infiltration at a Korean news website, where attackers managed to inject malicious code.

It loads a script from a third-party site that first checks if the system is suitable for infection – they were interested only in Chrome for Windows, not older than version 65.

If the operating system and browser requirements are met, the script downloads the WizardOpium exploit piece by piece, reassembles and decrypts it.

The script then runs another check on the version of Google Chrome, working exclusively with Chrome 76 or 77.

After verifying that it has the right Chrome version, the script then leverages the use-after-free vulnerability CVE-2019-13720, based on the improper use of system memory.

By manipulating the system memory, the exploit gains permission to read and write data, which it immediately uses to download, decrypt and run the malware package.

 

The WizardOpium Exploit : Solution

Kaspersky cybersecurity products will detect the exploit, and identify it as Exploit.Win32.Generic.

On discovering it, they reported it to Google with the identifier CVE-2019-13720.

Google fixed the bug in Chrome 78.0.3904.87 for Windows, macOS and Linux. Just make sure you update to that version, or newer… ASAP!

To make sure you have the update, follow these steps :

  1. Click on the 3 vertical dots at the upper right corner of Chrome (Customise and control Google Chrome)
  2. Select Help > About Google Chrome.
  3. In the About Chrome page, it should say that you have Version 78.0.3904.87 or higher
  4. If not, Chrome will automatically start looking for, and installing the latest update
  5. Click Relaunch to restart Chrome.
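For more than one machine, the same check can be scripted. The following is an added example, not part of the original article: it classifies reported Chrome version strings against the fixed build 78.0.3904.87 and the 76 / 77 range the article says the exploit worked with. The host names and inventory are constructed sample data.

```python
import re

# Values from the article: the exploit script only proceeded on Chrome 76 or 77,
# and Google fixed CVE-2019-13720 in Chrome 78.0.3904.87.
FIXED_BUILD = (78, 0, 3904, 87)
TARGETED_MAJORS = {76, 77}

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")
SEVERITY = {"unpatched-targeted": 0, "unpatched": 1, "unknown": 2, "patched": 3}


def parse_version(text):
    """Pull the four-part version out of text such as 'Google Chrome 77.0.3865.120'."""
    match = VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(text):
    """Return 'patched', 'unpatched-targeted', 'unpatched' or 'unknown'."""
    version = parse_version(text)
    if version is None:
        return "unknown"
    # Compare as integer tuples. As plain strings, "78.0.3904.108" sorts
    # before "78.0.3904.87" and a patched build would be flagged.
    if version >= FIXED_BUILD:
        return "patched"
    if version[0] in TARGETED_MAJORS:
        return "unpatched-targeted"
    return "unpatched"


def audit(inventory):
    """Map host -> reported version string to a list sorted worst first."""
    rows = [(host, classify(reported)) for host, reported in inventory.items()]
    return sorted(rows, key=lambda row: (SEVERITY[row[1]], row[0]))


# Constructed sample inventory (hypothetical hosts and reported versions).
SAMPLE_INVENTORY = {
    "ws-01": "Google Chrome 77.0.3865.120",
    "ws-02": "Google Chrome 78.0.3904.70",
    "ws-03": "Google Chrome 78.0.3904.87",
    "ws-04": "Google Chrome 78.0.3904.108",
    "ws-05": "Google Chrome 65.0.3325.181",
    "ws-06": "version not reported",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```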

 


 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Dell Introduces Two Latitude Chromebook Enterprise Laptops!

Dell just introduced the world’s first Chromebook Enterprise laptops, in partnership with Google… TWO of them, to be precise.

Let’s take a look at the Latitude 5400 Chromebook Enterprise, and the Latitude 5300 2-in-1 Chromebook Enterprise!

 

Dell Latitude Chromebook Enterprise

With more organisations moving to the cloud, they can now offer their employees more choices in the devices and operating systems they use.

The new Latitude Chromebook Enterprise devices offer powerful and configurable options that employees need, that large organisations can deploy and manage easily using Unified Workspace.

Like other Latitude laptops, they will feature enterprise-grade security, performance and connectivity features.

Both the Latitude 5400 Chromebook Enterprise and Latitude 5300 2-in-1 Chromebook Enterprise will feature narrow-bezel displays, and tough carbon fiber chassis that will have undergone 17 MIL-STD tests.

Dell will be offering them with 8th Gen Intel Core i5 and Core i7 processor options, configurable with up to 32 GB of RAM, and a choice of 10 localised language keyboards, as well as mobile broadband capability.

They will also come with high-density batteries for a longer battery life in a smaller form factor. These batteries will support ExpressCharge, allowing you to recharge up to 80% in an hour!

 

Dell Latitude Chromebook Enterprise Specifications

We created this table to summarise the key specifications and configuration options for the two new Dell Latitude Chromebook Enterprise devices :

Specifications : Latitude 5400 Chromebook Enterprise and Latitude 5300 2-in-1 Chromebook Enterprise

  • Operating System (both models) : Google Chrome
  • Processor Options (both models) : 8th Gen Intel Core Processor (4 cores)
  • Memory Options (both models) : DDR4-2666 (set to 2400 MHz), 2 slots, supporting up to 32 GB
  • Graphics Options (both models) : Intel UHD Graphics 620 / 610
  • Display
    • Latitude 5400 : 14-inch FHD touch display, 14-inch FHD non-touch display, or 14-inch HD non-touch display
    • Latitude 5300 2-in-1 : 13.3-inch FHD touch display with Gorilla Glass
  • Storage Options (both models) : M.2 2230 PCIe / NVMe SSD (up to 1 TB)
  • Connectivity Features (both models)
    • LAN : Gigabit Ethernet
    • Wi-Fi : Intel Wireless-AC 9560 (2×2)
    • Bluetooth : BT 5.0
    • LTE : Optional Intel XMM 7360 LTE-Advanced
  • Security Features (both models)
    • H1 Secure Processor
    • Verified Boot
    • Google Chrome Enterprise with Console
    • VMware Workspace ONE
    • Dell Data Guardian Cloud
    • Optional Dell Data Security + Management
  • Ports + Slots
    • Latitude 5400 : 1 x USB 3.1 Gen 2 Type C, 3 x USB 3.1 Gen 1, 1 x HDMI 1.4, 1 x RJ-45, 1 x optional micro SIM card tray, 1 x microSD 4.0 memory card reader
    • Latitude 5300 2-in-1 : 1 x USB 3.1 Gen 2 Type C, 3 x USB 3.1 Gen 1, 1 x HDMI 1.4, 1 x optional micro SIM card tray, 1 x microSD 4.0 memory card reader
  • Battery Options
    • Latitude 5400 : 4-cell 68 WHr Long Life, 4-cell 68 WHr ExpressCharge, 3-cell 51 WHr ExpressCharge, 3-cell 42 WHr ExpressCharge
    • Latitude 5300 2-in-1 : 4-cell 60 WHr Long Life, 4-cell 60 WHr ExpressCharge, 3-cell 42 WHr ExpressCharge
  • Power Options
    • Latitude 5400 : 90 W, Type C or 7.4 mm barrel; 65 W, Type C or 7.4 mm barrel
    • Latitude 5300 2-in-1 : 90 W, 7.4 mm barrel only; 65 W, Type C or 7.4 mm barrel
  • Dimensions
    • Latitude 5400 : 323.05 mm wide, 216.0 mm deep, 20.85 mm thick
    • Latitude 5300 2-in-1 : 305.7 mm wide, 207.5 mm deep, 19.3 mm thick
  • Starting Weight
    • Latitude 5400 : 1.47 kg
    • Latitude 5300 2-in-1 : 1.36 kg

 

Easy Deployment + Management With Dell Unified Workspace

The new Dell Latitude Chromebook Enterprise devices offer more than just more affordable Latitude options.

Using Dell Unified Workspace, they can be easily configured, deployed and managed by IT teams, offering a better work space experience for IT, business managers and employees.

Recommended : How Dell Unified Workspace Simplifies IT Management!

 



Google Password Checkup Guide – Read Before You Install!

Google just released a new Chrome extension called Password Checkup. Practically everyone thinks it is the best thing since sliced bread.

Is it really that good? Should YOU install it? Find out what it does, and what you should know about Password Checkup, before you install it.

 

Password Checkup

Google will already warn you if your Google Account is compromised in any way, forcing you to change your password. However, they were not able to do that for your non-Google accounts.

That changes with Password Checkup.

What Does Password Checkup Do?

Once added to Google Chrome, Password Checkup will work like a password watchdog. Every time you log into a non-Google website, it will check your login and password against a database of about 4 million leaked logins.

What Happens If It Detects A Match?

If it detects a match, you will be alerted and asked to change your password. If you are using the same login and password combination in other websites, you should obviously also change them as well.

Your New Password Will Be Verified Too

The Password Checkup extension will also verify that your new password has not been compromised either.

Sounds awesome? Well, not so fast…

 

Does Password Checkup Share My Data?

Google promises that Password Checkup would not report any identifying information. But it will still collect some information that Google may share or utilise :

  • number of lookups that reveal an unsafe credential
  • whether an alert leads to a password change, and
  • the website domain involved

That said, Google will find a way somehow to benefit from it… See the next section.

 

Caveat : You Must Be Signed-In

Most privacy-conscious individuals who use Google Chrome do not sign into their Google Account. This allows them to anonymise their browsing history, and prevent data sharing across the many Google services.

However, Password Checkup explicitly requires you to be logged into your Google Account. It will only work if you stay logged into your Google Account while using Chrome.


 

Should You Install Password Checkup?

The requirement to stay logged into your Google Account is, frankly, troubling because the extension should not need you to be logged in to verify your password against a database of leaked passwords.

After all, you can already do the same anonymously at HaveIBeenPwned.
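How a leaked-password lookup can work without identifying the user or revealing the password is shown in the added example below, which is not from the original article and is not Google's extension code. It follows the Pwned Passwords range lookup offered by HaveIBeenPwned, which checks passwords only: the client sends the first five hex characters of the password's SHA-1 digest and compares the returned suffixes locally. The service class and the leaked corpus are constructed stand-ins so the code runs offline.

```python
import hashlib

PREFIX_LEN = 5   # hex characters of the SHA-1 digest that leave the client
DIGEST_LEN = 40  # length of a SHA-1 digest in hex


def split_digest(password):
    """Return (prefix, suffix) of the upper-case SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:PREFIX_LEN], digest[PREFIX_LEN:]


def parse_range_response(body):
    """Parse 'SUFFIX:COUNT' lines into {suffix: count}, skipping malformed lines."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and len(suffix) == DIGEST_LEN - PREFIX_LEN and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts


def breach_count(password, fetch_range):
    """Number of times the password appears in the corpus, 0 if absent.

    fetch_range(prefix) is the only call that crosses the network boundary,
    and it receives nothing but the five-character prefix.
    """
    prefix, suffix = split_digest(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


class ConstructedRangeService:
    """Offline stand-in for the range endpoint (hypothetical, for this example)."""

    def __init__(self, leaked):
        self.buckets = {}
        self.seen_requests = []  # everything the "server" ever learns
        for password, count in leaked.items():
            prefix, suffix = split_digest(password)
            self.buckets.setdefault(prefix, {})[suffix] = count

    def fetch_range(self, prefix):
        self.seen_requests.append(prefix)
        bucket = self.buckets.get(prefix, {})
        return "\r\n".join(f"{s}:{c}" for s, c in sorted(bucket.items()))


# Constructed corpus: password -> number of appearances in leaks.
SAMPLE_LEAKED = {"password123": 1000, "letmein": 50}

if __name__ == "__main__":
    service = ConstructedRangeService(SAMPLE_LEAKED)
    for candidate in ("password123", "correct horse battery staple"):
        print(candidate, "->", breach_count(candidate, service.fetch_range))
    print("server saw:", service.seen_requests)
```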

Now, we are not saying that it’s wrong for Google to try and benefit from this. This requirement is literally the price you pay for this free checking service – you must log into your Google Account and let Google track and monetise your browsing habits.

If you are fine with that, head over to the next page for our guide on how to install Password Checkup, turn it on and off, and more!

 

Workaround For The Privacy Conscious

If you are privacy-conscious, there is a way to have your cake and eat it too. Like all workarounds, it does entail some hassle, so you decide if it’s worth the effort.

You can install and use Password Checkup periodically. Google actually allows you to disable and re-enable it (see next page) whenever you wish. However, you can disable it just by logging out of your Google Account.

Login credentials don’t leak all the time, so it’s perfectly alright NOT to use Password Checkup every day. Once a week or month, just log into your Google Account and log into your non-Google accounts, to make sure they have not been compromised.

Then you can log out of your Google Account, effectively disabling Password Checkup, and use Google Chrome without sharing your browsing history with Google.



How To Add Password Checkup

Password Checkup only works on Google Chrome, so obviously, you should have Google Chrome installed in the first place. Then…

  1. Open Google Chrome and sign in to your Google Account.
  2. Go to the Chrome store and download Password Checkup.
  3. Follow the steps on your screen.

 

How To Turn Password Checkup On / Off?

  1. Open Google Chrome and sign in to your Google Account.
  2. In the top right, select More > More tools > Extensions.
  3. Find Password Checkup in the list of extensions.
  4. Turn Password Checkup on or off.

But note that turning it off does not delete data created and stored by the extension.

How To Mute Warnings For A Website

When you receive a warning, you should IMMEDIATELY change your password. But if for some reason, you need to do this later, you can choose to mute the warnings you receive for a particular website :

  • Select the Ignore for this site option to mute all future warnings for the website.
  • To restore future warnings for that website (or others that you have muted too), you will need to delete the stored information (see the next section).

 

How To Delete Data Stored By Password Checkup

If Password Checkup finds that a login and password combination has been compromised, it will create and store a hashed, partial code for that combination in your Chrome browser. This partial code can’t be used to recreate a complete version of your login info.

To delete this code on your Chrome browser, change your unsafe password or follow these steps:

  1. Open Google Chrome, and sign in to your Google Account.
  2. At the top, select Password Checkup from the Toolbar > Advanced Settings > Clear Extension Data.

Note: This info is used to stop all future notifications about an unsafe password. If you delete this info, you might see notifications about unsafe passwords you’ve chosen to ignore.

 



Everything On The Meltdown + Spectre CPU Flaws! Rev. 3.0

The Meltdown and Spectre CPU flaws that the Google Project Zero team discovered are arguably the worst we have ever known. These vulnerabilities were built into BILLIONS of CPUs that we have been using for the last decade or so.

Not just Intel CPUs, but also CPUs made by AMD, Apple and ARM. Even those that power our smartphones and other smart devices!

Let’s take a look at what we know so far about Meltdown and Spectre, how they affect you, and what we can do about them.

This story is still developing. We will update the article as and when new details emerge. Be sure to check back and refresh the page for the latest information!

 

Article Update History


2018-02-17 : Updated the table of CPUs vulnerable to Meltdown and Spectre. Updated four sections with new information.

2018-02-05 : Added a table of CPUs vulnerable to Meltdown and Spectre. Updated three sections with new information.

2018-01-25 : Revamped the entire article. Added a new section on the difference between Meltdown and Spectre, and a new section on InSpectre. Updated the list of vulnerable processors, mitigation efforts by Microsoft and Apple, as well as the Intel spontaneous reboot issues with their Spectre 2 patches.

2018-01-16 : Updated the list of vulnerable processors, and added a new section on Intel CPUs spontaneously rebooting after applying Meltdown and Spectre patches. Also added cautionary advice on holding off these updates.

2018-01-12 : Updated the article with the AMD confirmation that their processors are vulnerable to both Spectre exploits. Also added details on the Google Retpoline mitigation technique against Spectre attacks.

2018-01-11 : Added new sections on the performance impact of the Meltdown and Spectre mitigation patches, and reports of those patches bricking some AMD PCs. Also expanded the list of affected CPUs, and corrected information on the Intel-SA-00086 Detection Tool.

Between 2018-01-09 and 2018-01-10 : Numerous updates including details of patches and affected CPUs.

Originally posted @ 2018-01-09

 

The Meltdown + Spectre Vulnerabilities

  • The Project Zero team identified these vulnerabilities in 2017, reporting them to Intel, AMD and ARM on 1 June 2017.
  • These vulnerabilities take advantage of the Speculative Execution and Branch Prediction features of the modern processor, that have been used for many years to improve performance.
  • Speculative Execution lets the CPU predict and pre-execute the next instruction, allowing it to “instantly” deliver the results if it’s correct.
  • Branch Prediction helps the CPU predict future execution paths that should be speculatively-executed for better performance.
  • There are THREE (3) variants of the speculative execution CPU bug :
    • Variant 1 : Bounds Check Bypass (CVE-2017-5753)
    • Variant 2 : Branch Target Injection (CVE-2017-5715)
    • Variant 3 : Rogue Data Cache Load (CVE-2017-5754)
  • The Spectre attack (whitepaper) exploits variants 1 and 2.
  • The Meltdown attack (whitepaper) exploits variant 3.
  • There is a Variant 3a, which appears to affect only certain ARM processors.

 

What’s The Difference Between Meltdown & Spectre?

  • Spectre tricks the CPU branch predictor into predicting the wrong path, thereby speculatively executing code that would not otherwise be executed.
  • Meltdown takes advantage of the out-of-order execution capability of modern processors, tricking them into executing malicious code that would normally not be allowed.
  • The Spectre name is based on both the root cause – speculative execution, and the fact that it is not easy to fix, and will haunt us for a long time like a spectre (ghost).
  • The Meltdown name was chosen because the vulnerability “basically melts security boundaries which are normally enforced by the hardware“.

 

How Bad Are Meltdown & Spectre?

  • The Spectre exploits let an attacker access and copy information from the memory space used by other applications.
  • The Meltdown exploit lets an attacker copy the entire physical memory of the computer.
  • Unless patched, the affected processors are vulnerable to malware and cyberattacks that exploit this CPU bug to steal critical information from running apps (like login and credit card information, emails, photos, documents, etc.)
  • While the Meltdown exploit can be “fixed”, it is likely that the Spectre exploit cannot be fixed, only mitigated, without a redesign of the processors. That means we will have to live with the risks of a Spectre attack for many more years to come.

 

How Many Processors Are Affected? Updated!

For the complete list of affected AMD, Apple, ARM and Intel processors, please see this separate article – The Complete List Of CPUs Vulnerable To Meltdown / Spectre

Number of affected processors by company, for Spectre 1, Spectre 2 and Meltdown :

  • AMD
    • Spectre 1 : 295 Server CPUs, 42 Workstation CPUs, 396 Desktop CPUs, 208 Mobile CPUs
    • Spectre 2 : 295 Server CPUs, 42 Workstation CPUs, 396 Desktop CPUs, 208 Mobile CPUs
    • Meltdown : None
  • Apple
    • Spectre 1 : 13 Mobile SoCs
    • Spectre 2 : 13 Mobile SoCs
    • Meltdown : 13 Mobile SoCs
  • ARM
    • Spectre 1 : 10 Mobile CPUs, 3 Server SoCs
    • Spectre 2 : 10 Mobile CPUs, 3 Server SoCs
    • Meltdown : 4 Mobile CPUs, 3 Server SoCs
  • IBM
    • Spectre 1 : 10 POWER CPUs
    • Spectre 2 : 10 POWER CPUs
    • Meltdown : 10 POWER CPUs
  • Intel
    • Spectre 1 : 732 Server / Workstation CPUs, 443 Desktop CPUs, 583 Mobile CPUs, 51 Mobile SoCs
    • Spectre 2 : 732 Server / Workstation CPUs, 443 Desktop CPUs, 583 Mobile CPUs, 51 Mobile SoCs
    • Meltdown : 732 Server / Workstation CPUs, 443 Desktop CPUs, 583 Mobile CPUs, 51 Mobile SoCs
  • Total
    • Spectre 1 : 2786 CPUs
    • Spectre 2 : 2786 CPUs
    • Meltdown : 1839 CPUs


 

Intel Detection Tool?

The Intel-SA-00086 Detection Tool does NOT detect the processor’s susceptibility to these vulnerabilities. It only checks for different vulnerabilities affecting the Intel Management Engine.

 

InSpectre

Our reader Arthur shared that the Gibson Research Corporation has an aptly-named utility called InSpectre.

It checks for Meltdown and Spectre hardware and software vulnerabilities in a Windows system. It will help you check if your system is getting patched properly against these vulnerabilities.
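InSpectre covers Windows. On Linux, kernels from 4.15 onwards report the status of the same three variants as text files under /sys/devices/system/cpu/vulnerabilities. The following is an added example, not part of the original article or of InSpectre: it reads those files and maps each one to the variant names and CVE numbers listed above. The sample status strings are constructed for illustration.

```python
import os

SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"

# sysfs file name -> (variant name as used in this article, CVE from this article)
VARIANTS = {
    "spectre_v1": ("Variant 1 : Bounds Check Bypass", "CVE-2017-5753"),
    "spectre_v2": ("Variant 2 : Branch Target Injection", "CVE-2017-5715"),
    "meltdown": ("Variant 3 : Rogue Data Cache Load", "CVE-2017-5754"),
}


def interpret(status):
    """Turn one status line into (state, detail)."""
    text = status.strip()
    if text == "Not affected":
        return "not_affected", ""
    if text.startswith("Mitigation:"):
        return "mitigated", text.split(":", 1)[1].strip()
    if text.startswith("Vulnerable"):
        return "vulnerable", text[len("Vulnerable"):].lstrip(":, ").strip()
    return "unknown", text


def read_status(sysfs_dir=SYSFS_DIR):
    """Read the raw status files; None marks a file the kernel does not provide."""
    raw = {}
    for name in VARIANTS:
        try:
            with open(os.path.join(sysfs_dir, name), encoding="ascii") as handle:
                raw[name] = handle.read()
        except OSError:
            raw[name] = None  # older kernel, or not a Linux system
    return raw


def report(raw):
    """Return a list of (cve, variant, state, detail) rows, one per variant."""
    rows = []
    for name, (label, cve) in VARIANTS.items():
        text = raw.get(name)
        state, detail = ("unreported", "") if text is None else interpret(text)
        rows.append((cve, label, state, detail))
    return rows


def needs_attention(raw):
    """CVE numbers whose state is anything other than mitigated / not affected."""
    return [cve for cve, _, state, _ in report(raw)
            if state not in ("mitigated", "not_affected")]


# Constructed sample: KPTI is active (Meltdown only), Spectre 2 is not yet covered.
SAMPLE_RAW = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Mitigation: __user pointer sanitization\n",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline\n",
}

if __name__ == "__main__":
    for row in report(read_status()):
        print(" | ".join(row))
```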

 

What Is Being Done??? Updated!

Note : The terms “mitigate” and “mitigation” mean the possibility of a successful attack is reduced, not eliminated.

  • Intel has started issuing software and firmware updates for the processors introduced in the last 5 years. By the middle of January 2018, Intel expects to have issued updates for more than 90% of those CPUs. However, that does not address the other Intel processors sold between 2010 and 2012.
  • Microsoft and Linux have started to roll out the KPTI (Kernel Page Table Isolation) patch, also known as the KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed) patch.
  • The KPTI or KAISER patch, however, will only protect against the Meltdown exploit. It has no effect on a Spectre attack.
  • Microsoft Edge and Internet Explorer 11 received the KB4056890 security update on 3 January 2018, to prevent a Meltdown attack.
  • Firefox 57 includes changes to mitigate against both attacks.
  • Google Chrome 64 will be released on 23 January 2018, with mitigations against Meltdown and Spectre attacks.
  • For Mac systems, Apple introduced mitigations against Spectre in macOS 10.13.2 (released on 8 January 2018), with more fixes coming in macOS 10.13.3.
  • For iOS devices, Apple introduced mitigations against Meltdown in iOS 11.2 and tvOS 11.2.
  • On 8 January 2018, Apple released iOS 11.2.2, which mitigates the risk of the two Spectre exploits in Safari and WebKit, for iPhone 5s, iPad Air, and iPod touch 6th generation or later.
  • ARM has made available the KPTI / KAISER kernel patches for Linux, while Google will provide them for Android.
  • Google patched Android against both exploits with the December 2017 and January 2018 patches.
  • Google shared details of their Return Trampoline (Retpoline) binary modification technique that can be used to protect against Spectre attacks. It is a software construct that ensures that any associated speculative execution will “bounce” (as if on a trampoline) endlessly.
  • NVIDIA issued six driver and security updates for affected devices and software between 3-9 January 2018.
  • On 11 January 2018, AMD announced that the “majority of AMD systems” have received the mitigation patches against Spectre 1, albeit some older AMD systems got bricked by bad patches. They also announced that they will make “optional” microcode updates available for Ryzen and EPYC processors by the same week.
  • In the same 11 January 2018 disclosure, AMD also shared that Linux vendors have started to roll out OS patches for both Spectre exploits, and they’re working on the “return trampoline (Retpoline)” software mitigations as well.
  • On 23 January 2018, Apple released Meltdown patches for macOS Sierra and OS X El Capitan, but not macOS High Sierra.
  • On 23 January 2018, Microsoft finally revealed their Spectre and Meltdown patch schedule.
  • On 24 January 2018, AMD revealed their 11 software mitigations for both Spectre exploits.
  • The 24 January 2018 AMD whitepaper also revealed that the AMD K10 and K8 processors are vulnerable as well, adding an additional 663 CPU models to the list of vulnerable processors.
  • On 2 February 2018, Microsoft released KB4078130 to disable the Spectre 2 patches that were causing many Intel systems to randomly and spontaneously reboot.
  • On 8 February 2018, an Intel microcode update schedule revealed that their Penryn-based processors are also vulnerable, adding an additional 314 CPU models to the list of vulnerable processors.
  • On 14 February 2018, Intel revealed an expanded Bug Bounty Program, offering up to $250,000 in bounty awards.

 

Some AMD PCs Got Bricked

In the rush to mitigate against Meltdown and Spectre, Microsoft released Windows 10 patches that bricked some AMD PCs. They blamed the incorrect / incomplete documentation provided by AMD.

You can read more about this issue @ These Windows 10 Updates Are Bricking AMD PCs!

 

Buggy Intel Spectre 2 Patches Updated!

Intel’s rush to patch Meltdown and Spectre resulted in buggy microcode patches, causing several generations of their CPUs to randomly and spontaneously reboot.

So far, over 800 Intel CPU models have been identified to be affected by these spontaneous reboot issues. If you have one of the affected CPUs, please hold off BIOS / firmware updates!

Intel has identified the cause as the Spectre 2 patches in their microcode updates for some of these processors. They’re still investigating the cause of the other affected CPU models.

Fortunately for Windows users, Microsoft issued the KB4078130 emergency update to stop the reboots while Intel worked to fix the issue.

You can read more about this issue @ The Intel Spectre Reboot Issue, and the Microsoft solution @ KB4078130 : Emergency Windows Update To Disable Intel Spectre Patches!

 

What Should You Do? Updated!

First and foremost – DO NOT PANIC. There is no known threat or attack using these exploits.

Although we listed a number of important patches below, the buggy updates are worse than the potential threat they try to fix. So we advise HOLDING OFF on these patches, and waiting for properly-tested versions a few weeks down the line.

  • If you are using Windows, make sure you install the latest Microsoft Spectre and Meltdown updates.
  • If you are using a Mac system, get the latest Apple Spectre and Meltdown patches.
  • If you are using an iOS device, get updated to iOS 11.2 or tvOS 11.2.
  • If you are using Firefox, update to the latest Firefox 57.
  • If you are using Google Chrome, make sure you watch out for Chrome 64, which will be released on 23 January.
  • Download and install the latest software and firmware updates from your PC, laptop or motherboard brand. In particular, install the latest driver for the Intel Management Engine (Intel ME), the Intel Trusted Execution Engine (Intel TXE), and the Intel Server Platform Services (SPS).
  • If you are running an ARM processor on Linux, grab the kernel patches.
  • IBM POWER system users can download and install these firmware updates.
  • Users of affected NVIDIA systems can download and install these driver and firmware updates.
  • If you are using an Intel system, hold off updating your firmware, unless you have already verified that your CPU is not affected by the buggy Intel patches, or Intel has already issued corrected patches.

 

The Performance Impact Of The Mitigation Patches

Many benchmarks have been released, showing performance impacts of between 5% and 30%, depending on the type of benchmark and workload. Microsoft has called those benchmark results into question, stating that they did not cover both operating system and silicon microcode patches.

They released an initial report on their findings, which we have summarised in our article – Pre-2016 Intel CPUs Hit Worst By Meltdown + Spectre Fix.

 
