FragmentSmack Vulnerability to be Discovered in Windows

The vulnerability affects all versions of Windows 7 through 10, Server 2008, 2012, 2016, and Core Installations that don't have the latest security updates 
18 September 2018   1055

Microsoft released security recommendations regarding the vulnerability called FragmentSmack with the code number CVE-2018-5391. The exploit implements DoS-attacks, allowing an attacker to cause a full load of the CPU, because of which the OS ceases to respond to external influences. Vulnerabilities are affected by all versions of the operating system, starting with Windows 7, not having the latest security updates.

To implement the attack, an attacker sends a stream of eight-byte fragmented IP packets to the victim's computer with a random offset of the fragment. However, the last fragment is not sent. When the system tries to collect information into a single file, the worst case of the algorithm for processing the associated array is implemented. As a result, the load on the central processor reaches 100%. System performance is restored as soon as data flow ceases.

A similar vulnerability was observed in Windows 3.11 and 95, and resulted in a system crash.

The OS developers has already prepared the necessary updates. In case the user for some reason can not make an update, Microsoft recommends that to block the assembly of packages using console commands:

Netsh int ipv4 set global reassemblylimit = 0
Netsh int ipv6 set global reassemblylimit = 0

The company warns that these actions can lead to packet loss.

The Microsoft Azure FragmentSmack service will not have any effect, malicious traffic is blocked by external layers of protection for virtual machines.

FragmentSmack is a cross-platform vulnerability. In August 2018, this exploit was detected in Linux-based systems version 3.9 and higher. Developers have already released updates that eliminate the possibility of attack on this vector.

Huawei May Use Russian OS Instead Android

Due to US sanctions, popular smartphone manufacturer is negotiating of using Russian OS called Aurora, which is based on Sailfish OS
11 June 2019   497

The Bell has received information from several unnamed sources about the discussion of the possibility of using the proprietary mobile operating system Aurora on some types of Huawei devices.

The movement in the direction of Aurora has so far limited itself only to a discussion of the possibility of using this OS, no plans have been presented. The discussion was attended by the Minister of Digital Development and Communications Konstantin Noskov and the Executive Director of Huawei. The meeting also raised the issue of creating a joint production of chips and software in Russia. The information was not confirmed at Rostelecom, but expressed willingness to cooperate.

Huawei declined to comment on the published information. At the same time, the company is developing its own mobile platform Hongmeng OS (Arc OS), providing compatibility with Android applications. The first release of Hongmeng OS is scheduled for the fourth quarter of this year. Two options will be offered - for China and the global smartphone market. It is alleged that Hongmeng OS has been in development since 2012 and was ready for the beginning of 2018, but was not delivered due to the use of Android as a main platform and partnership with Google.

There is evidence that for testing in China, the first batch of 1 million Hongmeng OS-based smartphones has already been distributed. Technical details are not disclosed yet and it is not clear whether the platform is built on Android code or only includes a layer for compatibility. Huawei has long been delivering its own Android edition - EMUI, it is possible that it is the basis of Hongmeng OS.

Huawei’s interest in alternative mobile systems is driven by restrictive measures introduced by the US Department of Commerce, which will restrict Huawei’s access to Android services falling under a commercial agreement with Google, as well as breaking commercial relations with ARM.

Sailfish is partly a proprietary mobile operating system with an open system environment, but closed by the user shell, basic mobile applications, QML components for building the Silica graphical interface, an interlayer for launching Android applications, a smart text input engine and a data synchronization system. The open system environment is built on the basis of Mer (fork MeeGo), which since April has been developing as an integral part of Sailfish, and packages of the Mer distribution package Nemo. On top of the Mer system components, a graphical stack is launched based on the Wayland and Qt5 library.