Topic 8A Flashcards
Microsoft Windows vulnerabilities
Buffer overflows, input validation problems, and privilege flaws, typically exploited to install malware, steal information, or gain unauthorized access.
A large user base, including government, makes for a huge target.
Apple’s macOS vulnerabilities
Often stem from its UNIX-based architecture, and weaknesses generally appear in access controls, secure boot processes, and third-party software.
Linux vulnerabilities
The open-source nature of Linux and the large community of active developers support a very rapid pace of development.
Kernel vulnerabilities, misconfigurations, and unpatched systems are common issues in Linux.
Despite its reputation for security, its widespread use in the cloud and server infrastructure makes Linux vulnerabilities especially significant.
Mobile OS like Android and iOS as targets
Increasing use as primary computing platforms instead of traditional computers makes them valuable targets for attack and exploitation.
Android is open source, like Linux, resulting in similar benefits and problems. Additionally, Android OS is fragmented among different manufacturers and versions, resulting in inconsistent patching and update support.
iOS has also had significant vulnerabilities.
Major Windows OS vulnerability example
MS08-067 vulnerability in Windows Server Service.
Allowed remote code execution if a specially crafted packet was sent to a Windows server. This vulnerability was exploited by the Conficker worm in 2008, which infected millions of computers worldwide.
MS17-010 represents a significant and critical security update released by Microsoft in March 2017.
This update addressed multiple vulnerabilities in Microsoft’s implementation of the Server Message Block (SMB) protocol (a network file-sharing protocol) that could allow remote code execution (RCE). Essentially, these vulnerabilities, if exploited, could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
Major macOS vulnerability example
In 2014, a significant vulnerability called “Shellshock” affected all Unix-based systems, including macOS. It allowed attackers to potentially gain control over a system due to a flaw in the Bash shell. Though it originated from a component in Unix systems, its impact was felt in macOS due to its Unix-based architecture.
Major Android OS vulnerability example
The Stagefright vulnerability discovered in 2015 is a prominent example for Android. It allowed attackers to execute malicious code on an Android device by sending a specially crafted MMS message. This issue was particularly severe due to the ubiquity of the vulnerable component (the Stagefright media library) across Android versions and devices.
Major iOS vulnerability example
In 2019, Google’s Project Zero team discovered a series of vulnerabilities in iOS that nation-state attackers were abusing. These “watering hole” attacks took advantage of several vulnerabilities to gain full access to a device by having the victim visit a malicious website.
Major Linux OS vulnerability example
The Heartbleed bug in 2014 was a severe vulnerability in many Linux systems’ OpenSSL cryptographic software library. The vulnerability allowed attackers to read the memory of systems running vulnerable versions of the OpenSSL software, compromising the secret keys used to protect data.
Firmware
Firmware is the foundational software that controls hardware and can contain significant vulnerabilities.
Zero-day vulnerability
Previously unknown software or hardware flaws that attackers can exploit before developers or vendors become aware of or have a chance to fix them. The term “zero-day” signifies that developers have “zero days” to fix the problem once the vulnerability becomes known.
Cryptographic vulnerabilities
Refer to weaknesses in cryptographic systems, protocols, or algorithms that can be exploited to compromise data. The significance of such vulnerabilities is profound, as cryptography forms the backbone of secure communication and data protection in modern digital systems.
Collision attacks
Where two different inputs produce the same hash output, which is particularly troubling in scenarios where hashes are used to protect passwords.
Rooting
Involves gaining root access or administrative privileges on an Android device to modify system files, install custom ROMs (modified operating system versions), and access features and settings not available to regular users.
Jailbreaking
Describes gaining full access to an iOS device (iPhone or iPad) by removing the limitations imposed by Apple’s iOS operating system.
Jailbreaking allows users to install unauthorized apps, customize the device’s appearance and behavior, access system files, and bypass restrictions implemented by Apple.