Regarding to the subject matter, please refer to below url for reference.

Q2 2018 Speculative Execution Side Channel Update

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Technology world is a challengeing zone. The key word “rest” looks do not apply to system developer, application programmer and IT expert! I re-call the vulnerability (CVE-2018-8897) to review. It ennounced by security experts for week ago. Perhaps you have full understanding. However no harm in my view point to do the review since it is important. I have time to drill down the detail and visualize my standpoint. This CVE subject mainly focus mishandling of assembler command syntax by system developer since they overlook some advice by CPU vendor. In short the issue is that if the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. So the focus will be go to virtual machine world. Yes, we are a cloud computing world in the moment. For more details, please refer below url for reference.

https://nvd.nist.gov/vuln/detail/CVE-2018-8897

Shanghai 2345 Network major business focusing Mainland China. This companyprovides Internet access platforms. It provides 2345 Website navigation that facilitates users to find their own needs of the site entrance, as well as provides weather forecasts, practical inquiries, commonly used software download, e-mail login, search engine portal, online collection, and other Internet common service; 2345 Accelerated browser, a computer software; mobile applications; and 2345 Loan King, an Internet credit platform.However there are vulnerabilties found on their Security Guard 3.7 software. Regarding to the vulnerabilities, it is better to uninstall this software. It looks strange that the official website still have ver 3.7 software available to download. Besides, it without any security alert to customer. If you visit the official website today, the latest software update issued on 20th April 2018. Nothing to do or remediation. Strange!

Official web site shown as below:

http://safe.2345.cc/log.htm

Remark: Due to market demand and general ease of access, the efforts have been primarily focused around client software, effectively limiting kernel code coverage to a few generic syscall and IOCTL fuzzers.

ISC Releases Security Advisories for BIND on May 18, 2018. This alert awaken my defense thinking. I was written few articles about the electronic war and the cyber arsenal. But forgot to contains a scenario which annoucned by ISC today (Security Advisories for BIND). Regarding to to the subject (ISC Releases Security Advisories for BIND) indeed described a hacking scenario who focus to doing bad things to the world (distrubuted deniel of services to worldwide DNS services). It is not difficult to understand the way. The method is CVE-2018-5737 + CVE-2018-5736.

Such cyber attack on phase 1 is one to many distribution (Initiating a Zone Transfer), then execute vulnerability (CVE-2018-5737) . As a result the smartphone, server and workstation all can’t work because no DNS service will be available! You can find hints in attached diagram. For more details about the vulnerabilities, please refer below url for references.

CVE-2018-5737: BIND 9.12’s serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled.

https://kb.isc.org/article/AA-01606/0

CVE-2018-5736: Multiple transfers of a zone in quick succession can cause an assertion failure in rbtdb.c

https://kb.isc.org/article/AA-01602/0

VMware just released a security update to address a vulnerability in NSX SD-WAN Edge by VeloCloud. I couldn’t find techincal details but vendor state that VeloCloud by VMware will be removing the web ui component service from the product in future releases. My speculation is that the existing design limitation can merge with former vulnerability (CVE-2017-4947). As a result it cause risk happens. See below hints for reference.

There are two different product editions of NSX: NSX for vSphere and NSX for Multi-Hypervisor (MH). It’s speculated they will merge down the road, but for many possible, or soon to be, users of NSX, it doesn’t matter, because they are used to support different use cases. NSX for vSphere is ideal for VMware environments, while NSX for MH is designed to integrate into cloud environments that leverage open standards, such as OpenStack.

Vulnerability Details for reference:

Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud

https://www.vmware.com/security/advisories/VMSA-2018-0011.html

CVE-2017-4947: vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities

https://www.vmware.com/security/advisories/VMSA-2018-0006.html