57 matches found
Secure Boot Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, ...
MS16-094: Security Update for Secure Boot (3177404)
The remote Windows host is missing a security update. It is, therefore, affected by a security bypass vulnerability in the Secure Boot component due to improperly applying an affected policy. An attacker who has either administrative privileges or access to the host can exploit this issue, via...
Amazon Backtracks On Encryption Removal
Amazon reversed course on its unpopular decision to remove encryption from its Fire OS 5 tablets. Over the weekend, Amazon said, customers’ device-level encryption support will return this spring. The move comes after Amazon customers and privacy activists expressed outrage over the company’s...
Microsoft Windows Trusted Boot Security Feature Bypass Vulnerability
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A security feature bypass vulnerability exists in Microsoft Windows. An attacker can exploit this vulnerability to disable code integrity checking, load signed...
Security feature bypass
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection mechanism, and consequently interfere with the integrity of code, BitLocker, Device Encryption, and...
MS15-111: Security Update for Windows Kernel to Address Elevation of Privilege (3096447)
The remote Windows host is affected by the following vulnerabilities : - Multiple elevation of privilege vulnerabilities exist in the Windows kernel due to improper handling of objects in memory. A local attacker can exploit these vulnerabilities, via a specially crafted application, to execute...
KLA10674 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper information...
Android IMSI-Catcher Detector: AIMSICD
AIMSICD is an app to detect IMSI-Catchers . IMSI-Catchers are false mobile towers base stations acting between the target mobile phones and the real towers of service providers. As such they are considered a Man-In-The-Middle MITM attack. In the USA the IMSI-Catcher technology is known under the...
Google Report Lauds Android Security Enhancements
Google has put some hard numbers behind the effectiveness of the security enhancements it has dropped into Android in the past year, and results show that things such as SE Linux SE Android, Verify Apps and Safety Net have cut down on successful attacks against the Android operating system,...
Sophos Safeguard Enterprise本地安全限制绕过漏洞(CVE-2012-4736)
BUGTRAQ ID: 59311 CVECAN ID: CVE-2012-4736 Sophos Safeguard Enterprise是磁盘加密解决方案。 SafeGuard Enterprise 6.0 及其他版本内的Device Encryption Client组件存在安全漏洞,该漏洞源于启用基于卷的加密策略并使用用户定义的密钥时,组件没有正确地阻止使用exFAT USB闪存盘,本地用户可利用此漏洞通过多次removal和reattach操作,绕过目标访问限制并复制敏感信息到设备。 0 Sophos Safeguard Enterprise 厂商补丁: Sophos ----...
CVE-2012-4736
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions a...
Design/Logic Flaw
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions a...
CVE-2012-4736
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions a...
Code injection
Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of 1 out-of-date credentials and 2 invalid credentials, which allows physically proximate attackers to defeat t...
CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x–5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x are affected by a delay in removing (1) out‑of‑date credentials and (2) invalid credentials. This timing gap lets a physically proximate attacker d...
Travel Security Rundown
Summer travel season is well under way and considering the increasingly common reports detailing device seizures and data searches at international borders, you want to be very careful about the things you travel with. In a recently published SecureList article, Kaspersky Lab expert Dmitry...
McAfee SafeBoot设备加密密码泄漏漏洞
CNCAN ID:CNCAN-2008092310 McAfee SafeBoot Device是一款加密和存取控制相关的安全解决方案。 McAfee SafeBoot设备加密密码检查处理程序不正确过滤读取密码后的BIOS键盘缓冲区,本地攻击者可以利用漏洞获得明文密码信息。 SafeBoot的预启动验证处理程序使用BIOS API读取通过键盘的用户输入,BIOS内部拷贝RAM结构称为BIOS键盘缓冲区中的击键到BIOS数据区域中,在使用后此缓冲区没有被清空刷新,可导致OS成功启动后,攻击者访问0x40:0x1e物理内存位置而获得密码信息。 0 SafeBoot 4 SafeBoot...