Urgent Apple Security Updates

Apple has released two urgent security warnings for iOS, iPadOS and macOS in response to two new zero-day vulnerabilities.

The company believes both weaknesses – found in WebKit, the engine which underpins Safari, Apple device kernels, and many other apps – are being actively exploited by hackers.

A vulnerable device that accesses “maliciously crafted web content” would allow hackers to execute code, and even to “execute arbitrary code with kernel privileges” – essentially full access to the device.

Affected Software Versions Include:

  • iOS prior to 15.6.1
  • iPadOS prior to 15.6.1
  • macOS Monterey 12 Prior to 12.5.1

Users are advised to check their OS version and update immediately. To do this, please navigate to:

  • On iPhone or iPad: Settings > General > Software Update
  • On Mac: Apple Menu > About this Mac > Software Update

 

For Apple Support and Expertise, please contact our team today.


DNS Vulnerability: Your IT Team to the Rescue

July 14th: as Microsoft flag a ‘Critical’ Level-10 DNS vulnerability on Domain Name System (DNS) servers worldwide, Lineal engineers rush to patch the infrastructure of dozens of organisations overnight.

The Microsoft Security Response Center recently released details of CVE-2020-135, a ‘Critical Remote Code Execution’ weakness deemed ‘wormable’ (potentially spreading between devices automatically) affecting all Windows Server versions.

A grade of 10.0 is the highest possible severity level that can be assigned under the Common Vulnerability Scoring System Calculator. For comparison the WannaCry attack, which temporarily crippled the NHS in 2017, had a CVSS rating of 8.5.

Lineal staff use remote monitoring software to administer large numbers of client servers and devices, monitor hardware health and deploy patches more rapidly – and were quickly on the case overnight to patch the vulnerability as a special emergency.

dns vulnerability conversation

Within 8 hours we’d patched a large number of DNS servers – applying both an initial fix and further scheduled updates.

DNS is a naming technology which translates the identities of computers, servers and other networked devices into the IP addresses used for connecting on private and public IT networks.

dns how stuff works diagram

For this reason, DNS servers often have massive reach, and must be carefully protected to mitigate the risk of compromising an organisation’s technology on a huge scale – even across the globe.

Israeli IT security firm Checkpoint Software Technologies, who discovered the 17-year old hidden bug and reported it to Microsoft, argue ‘this is not just another vulnerability’ and risks handing an attacker ‘complete control of your IT’ if IT admins fail to address the issue urgently.

 

For IT expertise and support, please contact our team today.


DrayTek Vigor Firmware Warning

At time of writing, Lineal technical support staff are currently updating DrayTek Vigor firmware for all clients with known DrayTek equipment.


Enterprise Router provider DrayTek has called for urgent firmware updates, following discovery of a security vulnerability.

20 different business router models from DrayTek’s Vigor range are known to be affected by the security flaw, known as DNS hijacking, which may allow a third-party to alter DNS settings by issuing commands to a dormant session of the web-based DrayTek router control interface.

The unwelcome news marks the first major security flaw to befall the acclaimed networking equipment brand for some time – and comes less than a year since DrayTek won PC PRO’s ‘Best Router Brand Award’ for 2017.

A Vigor router showing IP number 38.134.121.95 is reported to be a likely indicator of compromise, and affected routers may exhibit unusual network behaviours.

DrayTek’s official guidance warns that this is likely to be only a preparatory ‘phase 1’ of any like cyber-attack by criminals, preparing re-direction of web traffic to compromised web pages which might capture unsuspecting users’ passwords or other sensitive information.

As a general security precaution, it’s always worth logging out of web-portals and other accounts not being used (including your email, social media, bank account and device itself… or indeed your router’s configuration panel.)

If you have a DrayTek Vigor router not covered by a Lineal Support Agreement with us, please get in touch for guidance.

Please check back for updates