페이지 선택

At beginning of 2018, a CPU vulnerability news shocking the whole security industry. According to the Register, a fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. The bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.

These have been helpfully grouped into two vulnerabilities: Spectre, and Meltdown. Spectre allows, among other things, user-mode applications to extract information from other processes running on the same system. Alternatively, it can be used by code to extract information from its own process. Meltdown can be exploited by normal programs to read the contents of private kernel memory.

Hillstone Networks E Series Next Generation Firewall use the MIPS-based Cavium processor, instead of Intel processor. There is currently no report of this vulnerability for this processor.

For more information about this CPU vulnerability, please read these articles:

http://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

https://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/

Hillstone Adds Botnet C&C Prevention to StoneOS

Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution

Vulnerability Notification: Cisco Adaptive Security Appliance Webvpn XML Parser Double Free

Announcing Enhancements to Hillstone Networks CloudView

Announcing the Hillstone Server Breach Detection System 2.1

Vulnerability Notification: Adobe ColdFusion Deserialization

Vulnerability Notification: Oracle WebLogic Server XmlAdapter Deserialization

Hillstone Responds to Bad Rabbit Ransomware

Protections of NEW Variant of Petya Ransomware Using Hillstone Network’s Layered Security Solution