Alfred's New Ramblings

Notable security vulnerabilities for 2018

In continuation of the 2017 post on vulnerabilities, the new year started with a big security bang.

  1. Meltdown, affects mainly Intel and some ARM CPUs.  AMD is unknown.
    Spectre, affects all types of CPUs.
    This is as bad as it can get. The root cause comes from speculative execution found in various microprocessors as a way to beat the  superpipelined architecture.
  2. Cisco Smart Install, 20180409 Just turn off that thing if is not in use.
  3. Apache Struts 2.0, Remote Code Execution , 20180822
  4. Facebook SSO – Facebook signon tokens were exposed and all websites using Facebook SSO are vulnerable. link  A in-depth examination here. link


30 Aug 18 – Added Smart Install and Apache Struts

2 Oct 18-  Added Facebook

Tagged on:

Leave a Reply

Your email address will not be published. Required fields are marked *