From technical point of view, the Intel CPU design limitation jeopardize downstream product vendor. VMware is one of the vendor do the remediation immediately. A memory bank built into the CPU chip. Also known as the “primary cache,” an L1 cache is the fastest memory in the computer and closest to the processor. Let’s think it over? If memory is allocated by the VMkernel and virtualized by monitor. CPU is controlled by scheduler and virtualized by monitor. If address translations may allow unauthorized disclosure of information residing in the L1 data cache? So, the attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis equilvant as a monitor.

As such , VMware do the following:

https://www.vmware.com/security/advisories/VMSA-2018-0020.html

An official announcement state that there are three more data-leakage security holes found in Intel chips:

• CVE-2018-3615 – L1 Terminal Fault: SGX
• CVE-2018-3620 – L1 Terminal Fault: OS/SMM
• CVE-2018-3646 – L1 Terminal Fault: VMM

Across the board, Intel’s desktop, workstation, and server CPUs are vulnerable.

Official announcement shown as below:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

Reminder: I am using window 7 instead of windows 10. In retrospect, I did patch management which focus for spectre on Jan 2018. It behind my seen that CPU vulnerability still valid on my PC. The cache-misses as compared to missed-branches data collected from Spectre is possible on my PC (see attached screen-shot for reference). So I believe that this flaw (L1TF) substained. Furthermore the vendor known earlier. May be the vendor believe that this is the appropriate timeframe to announce.

Below historical record for reference:

CPU vulnerability remediation status update – especially Spectre

When I was young, the comics story attracting my seen. The comics picture similar provides like a virtual speaker tell a story to me.

Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database yesterday. A remote attacker could exploit this vulnerability to take control of an affected system. See whether below picture can tell a story to you. If not, go ahead below official hyperlink for reference.

Symptom: The vulnerability allows low-privileged attackers that have Create Session privilege with network access via Oracle Net to compromise the Java VM component.

http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html

Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties. If you ask me, what is the design objective of SAML. It make your life simple.Also this is the aim for computer system. But a pin does not have two points. For those who use single sign on also provides a benefits to attacker. Keycloak is an open source software product to allow single sign-on with Identity Management and Access Management aimed at modern applications and services. As of March 2018 this JBoss community project is under the stewardship of Red Hat who use it as the upstream project for their RH-SSO product. Docker had already built a great deal of momentum since 2015. Docker product such a way integrated the open source products integrate to business world especially cloud computing platform. So it does not lack of single sign on, right. From technical point of view, take the easy way and make it simple, it coincident equivalent with boolean expression theory.
Keycloak has vulnerability occured. In Keycloak 3.4.3, a handling of certifciate method has design weakness. A expired certificates let a malicious user could use this to access unauthorized data or possibly conduct further attacks. See below url for reference.

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10894

VMware announce that a bug found on their Horizon Connection Server, Horizon Agent, and Horizon Clien. However Horizon Agents on Linux-based systems and Horizon Clients on non-Windows systems are not affected. The symptom is that out-of-Bounds Memory Read Error in Message Framework Lets Local Users View Portions of System Memory on the Target System. From technical point of view, what is out of bound read? That is software reads data past the end, or before the beginning, of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.But the out of bound memory read problem not a new issue. Do you remember? That is CVE-2018-6968 (The Out-of-Bounds Memory Read Error lets Local Users on a Guest System Gain Elevated Privileges on the Guest System). Just happen less than a month.

The key word vulnerability similar human being caugh, flu or headache. No worries!

Offical announcement shown as below:

https://www.vmware.com/security/advisories/VMSA-2018-0019.html

Mozilla’s bleach library is a security-related library. The design goals of Bleach is to sanitize input of malicious content. Furthermore it let software developer safely create links.

IPython is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language, that offers introspection, rich media, shell syntax, tab completion, and history.

Given a fragment of HTML, Bleach will parse it according to the HTML5 parsing algorithm and sanitize any disallowed tags or attributes.

But Intel announce the following statement in Jul 2018 (see below):

Synopsis – Insufficient Input Validation in Bleach module in Intel® Distribution for Python (IDP) version IDP 2018 Update 2 potentially allows an unprivileged user to bypass URI sanitization and cause a Denial of Service via local vector.

Any interest? Perhaps you have this domain knowledge. Should you have interest, please refer below hyperlink.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html