Example 1:
I have an example of a real-life technological security flaw that appeared in one of the most widely used applications, i.e. Adobe Flash Player. Here is the information related to it in detail:
- The vulnerability we are going to talk about today is one of the most critical ones, and it affected one of the largest companies, "Adobe". This vulnerability left lakhs of users in danger of being breached.
- The name of the vulnerability is "Flash Player Vulnerability", with the identification code "CVE-2018-5002". This vulnerability was heavily active in the Middle East region and came to light in June 2018.
- What actually was the security flaw here? The security flaw was a stack-based buffer overflow bug that made it possible to execute arbitrary code.
- The vulnerability allowed attackers to maliciously craft a Flash object that would help them execute code on the victim machine and then run a range of payloads and actions.
How could this have been prevented?
- Applications become vulnerable to buffer overflow bugs when certain programming errors or memory leaks are left in the code.
- Hence, this can be prevented by using the right programming methods and putting the best programming techniques to use, so that no vulnerabilities are left open to ruin the application.
- The application must be thoroughly tested before it is released publicly, and it must be made robust enough to withstand such vulnerabilities.
Hence, these are the methods by which the vulnerability could have been prevented.
How did this vulnerability actually work?
- The vulnerability allowed the attacker to provide a Word file to download; once it was executed on the victim PC, the Adobe Flash exploits would start running.
- Once executed, the file runs shellcode that gives the attacker command and control through servers from which the attacker gains complete access to the victim machine.
Patch for Vulnerability:
- The company announced a patch for the vulnerability, and it can be applied automatically by installing the updated Flash Player, as this was a critical zero-day attack.
- The patch is available only for users from East Asia, as the vulnerability was highly active in that region.
Hence, this was all on technology security and how to maintain security levels in order to stay updated and up to the mark.
Example 2:
- The second one is the most recent one, with CVE-2019-1010259. This was the most critical vulnerability; it was a type of SQL injection and affected most of the MySQL servers that were deployed in the cloud.
- In some cases, it also leads to remote code execution. Hence, it became very hard for those affected to protect themselves from this vulnerability, as it was claimed to affect almost 11 million systems.
How did this vulnerability actually work?
- The vulnerability can be triggered by using a specially crafted password string, which helps the attacker escalate privileges on the MySQL server. The attacker could just enter the string wherever the system can interact with the database server.
- The attackers triggered it through login pages, which gave them access to escalate privileges on the MySQL server. After that they would be able to do the following:
- Modify the system files or any information on the database
- Scope of attack is limited, as the attacker will not have control over what can be modified.
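
The text above does not give the internals of the flaw. As an added example (not from the original page or from any vendor), the generic login check below shows why a password string pasted into SQL text can change the query and return a more privileged account, and how bound parameters stop it. Python's built-in sqlite3 stands in for the MySQL server; the table, function names and credentials are constructed for illustration.

```python
import sqlite3

# Constructed sample data; sqlite3 stands in for the MySQL server on the page.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT, role TEXT)")
    # Plaintext passwords keep the demo short; store salted hashes in practice.
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [("admin", "S3cure-Admin-Pass", "admin"),
                    ("alice", "alice-pass", "user")])
    return db

def login_concat(db, name, password):
    """Weak form: user input is pasted into the SQL text."""
    sql = ("SELECT role FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_bound(db, name, password):
    """Corrected form: input travels as bound parameters, never as SQL."""
    row = db.execute("SELECT role FROM users WHERE name = ? AND password = ?",
                     (name, password)).fetchone()
    return row[0] if row else None

# Constructed crafted password: the quote ends the string literal early and
# the rest is parsed as SQL, so the password check no longer decides the result.
CRAFTED = "x' OR role = 'admin"

def demo():
    db = make_db()
    return {
        "concat_valid": login_concat(db, "alice", "alice-pass"),
        "concat_crafted": login_concat(db, "alice", CRAFTED),
        "bound_valid": login_bound(db, "alice", "alice-pass"),
        "bound_crafted": login_bound(db, "alice", CRAFTED),
    }

if __name__ == "__main__":
    for case, role in demo().items():
        print(f"{case}: {role}")
```

With the concatenated query the crafted string logs "alice" in with the admin role; with bound parameters the same string is compared as a literal password and the login fails.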
Patch for the vulnerability:
- The Microsoft SQL Server team immediately provided a fixed version, free to download or upgrade to for existing users, as it was a major vulnerability and had recently been in the wild.
- The fixed version was listed on the Microsoft website and was also being automatically updated for active users to limit any further damage to organizations. The fixed version currently in use is 2018.3.4
Hence, this is another vulnerability that was running in the wild and was recently a hit among hackers.