DOCSLIB.ORG

WAMOS 2018 Fourth Wiesbaden Workshop on Advanced Microkernel Operating Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
WAMOS 2018 Fourth Wiesbaden Workshop on Advanced Microkernel Operating Systems WAMOS 2018 Fourth Wiesbaden Workshop on Advanced Microkernel Operating Systems Editor / Program Chair: Robert Kaiser RheinMain University of Applied Sciences Information Science Unter den Eichen 5 65195 Wiesbaden Germany Technical Report July 2018 Contents Foreword 3 Program Committee 3 Session 1: Hardware-Related Attacks 5 Branchscope and more Dominik Swierzy ......................................... 5 Exploiting Speculative Execution (Spectre) via JavaScript Lucas Noack and Tobias Reichert ................................. 11 Spectre-NG, an avalanche of attacks Marius Sternberger ........................................ 21 Common Attack Vectors of IoT Devices Alexios Karagiozidis ....................................... 27 Session 2: Mitigation 35 Mitigation of actual CPU attacks A hare and hedgehog race not to win Jens Nazarenus .......................................... 35 KPTI a Mitigation Method against Meltdown Lars Mller ............................................. 41 Current state of mitigations for spectre within operating systems Ben Stuart ............................................. 47 Overview of Meltdown and Spectre patches and their impacts Marc Lw .............................................. 53 Attempts towards OS Kernel protection from Code-Injection Attacks Bernhard Grtz ........................................... 63 An overview about Information Flow Control at different categories and levels Danny Ziesche ........................................... 69 Session 3: Cross-Cutting Concerns 75 Detecting Spectre Attacks by identifying Cache Side-Channel Attacks using Machine Learning Philipp Altmeyer and Jonas Depoix ................................ 75 Software based side-channel attacks on CPUs - Their history and how we behaved Harald Heckmann ......................................... 87 Adapting Kerckhoffss principle: CPU Attacks leading a path from cryptography to open-source- hardware Thorsten Knoll .......................................... 93 Program 100 © Copyright 2018 RheinMain University of Applies Sciences (HSRM). All rights reserved. The copyright of this collection is with HSRM. The copyright of the individual articles remains with their authors. Foreword Welcome to HSRM and to WAMOS 2018, the fourth edition of the Wiesbaden Workshop on Advanced Micro- kernel Operating Systems. This workshop series was conceived to provide a forum for students of the technical seminar on advanced operating systems at Wiesbaden University of Applied Sciences to present their work. Besides submitting papers themselves, students also serve as members of the program comittee and are involved in the peer-reviewiewing process. The intention, besides the presentation of interesing operating system papers, is to provide hands-on experience in organizing and running a workshop. The authors were given the opportunity to revise and re-submit final versions of their papers based on the reviews. The papers contained herein are the final versions submitted just before the workshop. I’d like to thank all participants for their enthusiasm. The Workshop Chair, Robert Kaiser RheinMain University of Applied Sciences Wiesbaden, Germany Program Committee Jens Nazarenus, Wiesbaden University of applied sciences Jonas Depoix, Wiesbaden University of applied sciences Alexios Karagiozidis, Wiesbaden University of applied sciences Ben Stuart, Wiesbaden University of applied sciences Marius Sternberger, Wiesbaden University of applied sciences Thorsten Knoll, Wiesbaden University of applied sciences Danny Ziesche, Wiesbaden University of applied sciences Bernhard Grtz, Wiesbaden University of applied sciences Marc Lw, Wiesbaden University of applied sciences Harald Heckmann, Wiesbaden University of applied sciences Tobias Reichert, Wiesbaden University of applied sciences Lucas Noack, Wiesbaden University of applied sciences Dominik Swierzy, Wiesbaden University of applied sciences Philipp Altmeyer, Wiesbaden University of applied sciences Lars Mller, Wiesbaden University of applied sciences RheinMain University of Applied Sciences, Wiesbaden, Germany 3 Branchscope and more Dominik Swierzy RheinMain University of Applied Sciences [email protected] ACM Reference Format: Text0 Text0 Text0 Text0 Text0 Text0 Texts Texts Texts Texts Texts Textt Textt Textt Textt Textt Textd Textd Textd Textd Textd Text0 Text0 Text0 Text0 Text0 Text1 Text0 Text0 Text0 Text0 Text0 Destination Dominik Swierzy. 2018. Branchscope and more. In Proceedings of WAMOS. Addition Register Addition Register Opcode ACM, New York, NY, USA, 6 pages. Register Abstract Figure 1: Bit presentation of an add instruction. This paper will provide the basic knowledge of how a CPU and further- more a Branch Prediction Unit (BPU) works to later describe how one of the recent offspring of Spectre and Meltdown called Branchscope operates. ... Branchscope is like Spectre targeting the BPU but while Spectre attacks add $d $s $ t the Branch Target Buffer inside of the Branch Predictor Branchscope fo- cuses on the Direction Predictor itself and is thereby one of the first. With beq $s $ t ADDRESS Branchscope it is possible to read secret data from a victim program if the ... secret is used for a directional branch making it a huge vulnerability. If the CPU shall execute this program, it will first be loaded into 1 INTRODUCTION RAM. Although the machine code is still readable by a human in RAM it will be encoded just in bits. Therefore the add Instruction The introduction of Meltdown [1] and Spectre [2] showed huge vul- from the listing could in memory have the representation depicted nerabilities in modern CPU in regards of out of order execution and in figure 1 with a specific address pointing toit. speculatively execution. These side channel attacks are allowing The opcode contains the information which instruction the bits an attacker to read normally protected memory of other programs are representing and therefore how they have to be decoded. Op- or even the kernel which can lead to leakage of cryptographic keys code 100000 is the add instruction therefore the bits 25 to 21 (repre- or personal data. Since these vulnerabilities exist on the hardware sented with ’s’) are decoding the first register, the bits marked with itself and are not software bugs there are no easy fixes. The most t the second register and d the destination register. The unused bits used fix against Meltdown is KAISER [3] but leads to a performance are set to zero and do not have an effect on the operation. drop of up to 30% [4]. The execution of the program follows a pipeline. First a register Another side channel attack which exploits these vulnerabilities which contains the address of the next instruction which has to be is Branchscope [5]. Branchscope was published March 2018 and executed will be read. This register is called program counter or similar to Spectre attacks the Branch Prediction Unit (BPU) of a short PC. This stage of the Execution-Pipeline is called Instruction- CPU. Unlike Spectre and other side channel attacks, Branchscope Fetch (IF). After fetching the instruction has to be decoded, this though attacks the Direction Predictor inside a BPU and not the happens in stage two called instruction decode (ID). In this stage it Branch Target Buffer as usual. Branchscope works from user space will be determined if some registers have to be read or a memory on multiple modern Intel processors and can even be extended to access is necessary. In the above mentioned example the opcode attack Intels Software Guard Extensions. would be decoded as an add-instruction and therefore it would be Outline: First of all it will be explained how modern CPUs known that the values of the two registers s and t have to be read work and especially Branch Prediction Units since these will be and provided for the next stages. In the Execution-Phase (EXE) attacked by Branchscope. After showing the design of BPUs the the actual computation of the instruction will be done, hence s + t general attack procedure will be stated. Afterwards the require- would be calculated. If a memory reference would be needed a ments and assumptions for an successfull attack will be shown. virtual address would be determined in the EXE-Stage. The next Finally mitigation tactics against Branchscope will be shown and a stage is called memory access (MEM) and as long as the instruction short summary. doesn’t need to access memory it will be skipped otherwise the memory will be accessed. The last step in the pipeline is called 2 CPU PIPELINING write back (WB) which writes the result of the instruction into the The following listing shows some example machine code which destination register specified in the instruction. could be part of a bigger software: Every instruction has to go through these steps but through pipelining as soon as one instruction leaves the IF-stage and enters Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed the ID-Stage the next instruction can enter the IF-stage, therefore for profit or commercial advantage and that copies bear this notice and the full citation up to five instructions can be simultaneously processed as seenin on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, figure 2. to post on servers or to redistribute to lists, requires prior specific permission and/or a Unfortunately
Load more

Recommended publications
  • HTTP Cookie - Wikipedia, the Free Encyclopedia 14/05/2014
    HTTP cookie - Wikipedia, the free encyclopedia 14/05/2014 Create account Log in Article Talk Read Edit View history Search HTTP cookie From Wikipedia, the free encyclopedia Navigation A cookie, also known as an HTTP cookie, web cookie, or browser HTTP Main page cookie, is a small piece of data sent from a website and stored in a Persistence · Compression · HTTPS · Contents user's web browser while the user is browsing that website. Every time Request methods Featured content the user loads the website, the browser sends the cookie back to the OPTIONS · GET · HEAD · POST · PUT · Current events server to notify the website of the user's previous activity.[1] Cookies DELETE · TRACE · CONNECT · PATCH · Random article Donate to Wikipedia were designed to be a reliable mechanism for websites to remember Header fields Wikimedia Shop stateful information (such as items in a shopping cart) or to record the Cookie · ETag · Location · HTTP referer · DNT user's browsing activity (including clicking particular buttons, logging in, · X-Forwarded-For · Interaction or recording which pages were visited by the user as far back as months Status codes or years ago). 301 Moved Permanently · 302 Found · Help 303 See Other · 403 Forbidden · About Wikipedia Although cookies cannot carry viruses, and cannot install malware on 404 Not Found · [2] Community portal the host computer, tracking cookies and especially third-party v · t · e · Recent changes tracking cookies are commonly used as ways to compile long-term Contact page records of individuals' browsing histories—a potential privacy concern that prompted European[3] and U.S.
    [Show full text]
  • Mozilla/Firefox: MDN Web Docs, Recommended Extensions and Tenfourfox FPR23 for Intel
    Published on Tux Machines (http://www.tuxmachines.org) Home > content > Mozilla/Firefox: MDN Web Docs, Recommended Extensions and TenFourFox FPR23 for Intel Mozilla/Firefox: MDN Web Docs, Recommended Extensions and TenFourFox FPR23 for Intel By Rianne Schestowitz Created 12/06/2020 - 5:32am Submitted by Rianne Schestowitz on Friday 12th of June 2020 05:32:58 AM Introducing the MDN Web Docs Front-end developer learning pathway[1] The MDN Web Docs Learning Area (LA) was first launched in 2015, with the aim of providing a useful counterpart to the regular MDN reference and guide material. MDN had traditionally been aimed at web professionals, but we were getting regular feedback that a lot of our audience found MDN too difficult to understand, and that it lacked coverage of basic topics. Fast forward 5 years, and the Learning Area material is well-received. It boasts around 3.5?4 million page views per month; a little under 10% of MDN Web Docs? monthly web traffic. At this point, the Learning Area does its job pretty well. A lot of people use it to study client- side web technologies, and its loosely-structured, unopinionated, modular nature makes it easy to pick and choose subjects at your own pace. Teachers like it because it is easy to include in their own courses. Recommended extensions ? recent additions [2] When the Recommended Extensions program debuted last year, it listed about 60 extensions. Today the program has grown to just over a hundred as we continue to evaluate new nominations and carefully grow the list. The curated collection grows slowly because one of the program?s goals is to cultivate a fairly fixed list of content so users can feel confident the Recommended extensions they install will be monitored for safety and security for the foreseeable future.
    [Show full text]
  • Other Cpu Side-Channel Vulnerabilities
    Security Advisory OTHER CPU SIDE-CHANNEL VULNERABILITIES PUBLISHED: DECEMBER 14, 2018 | LAST UPDATE: FEBRUARY 18, 2020 SUMMARY Over the course of 2018 -2020 industry researchers disclosed a variety of side-channel vulnerabilities for contemporary processor technologies in addition to the more notable Meltdown and Spectre exposures. These additional variants of side-channel vulnerabilities share the same exposures as Meltdown and Spectre for A10 products and are separately addressed in this document. Item Score # Vulnerability ID Source Score Summary 1 CVE-2018-0495 CVSS 3.0 5.1 Med ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries 2 CVE-2018-3615 CVSS 3.0 6.3 Med L1 Terminal Fault-SGX (aka Foreshadow) 3 CVE-2018-3620 CVSS 3.0 5.6 Med L1 Terminal Fault-OS/SMM 4 CVE-2018-3646 CVSS 3.0 5.6 Med L1 Terminal Fault-VMM 5 CVE-2018-3665 CVSS 3.0 5.6 Med Kernel: FPU state information leakage via lazy FPU restore 6 CVE-2018-5407 CVSS 3.0 4.8 Med Intel processor side-channel vulnerability on SMT/Hyper- Threading architectures (PortSmash) 7 A10-2019-0001 A10 Low SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks (i) 8 CVE-2018-12126 CVSS 3.0 6.5 Med x86: Microarchitectural Store Buffer Data Sampling - MSBDS (Fallout) 9 CVE-2018-12127 CVSS 3.0 6.5 Med x86: Microarchitectural Load Port Data Sampling - Information Leak - MLPDS 10 CVE-2018-12130 CVSS 3.0 6.2 Med x86: Microarchitectural Fill Buffer Data Sampling - MFBDS (Fallout, RIDL) 11 CVE-2019-11091 CVSS 3.0 3.8 Low x86: Microarchitectural Data Sampling Uncacheable Memory - MDSUM 12 CVE-2019-11184 CVSS 3.0 4.8 Med hardware: Side-channel cache attack against DDIO with RDMA (NetCat) 13 CVE-2020-0548 CVSS 3.0 2.3 Low hw: Vector Register Data Sampling (CacheOut) 14 CVE-2020-0549 CVSS 3.0 6.5 Med hw: L1D Cache Eviction Sampling (CacheOut) (i) Can only affect vThunder deployments on Intel Core CPUs.
    [Show full text]
  • Giant List of Web Browsers
    Giant List of Web Browsers The majority of the world uses a default or big tech browsers but there are many alternatives out there which may be a better choice. Take a look through our list & see if there is something you like the look of. All links open in new windows. Caveat emptor old friend & happy surfing. 1. 32bit https://www.electrasoft.com/32bw.htm 2. 360 Security https://browser.360.cn/se/en.html 3. Avant http://www.avantbrowser.com 4. Avast/SafeZone https://www.avast.com/en-us/secure-browser 5. Basilisk https://www.basilisk-browser.org 6. Bento https://bentobrowser.com 7. Bitty http://www.bitty.com 8. Blisk https://blisk.io 9. Brave https://brave.com 10. BriskBard https://www.briskbard.com 11. Chrome https://www.google.com/chrome 12. Chromium https://www.chromium.org/Home 13. Citrio http://citrio.com 14. Cliqz https://cliqz.com 15. C?c C?c https://coccoc.com 16. Comodo IceDragon https://www.comodo.com/home/browsers-toolbars/icedragon-browser.php 17. Comodo Dragon https://www.comodo.com/home/browsers-toolbars/browser.php 18. Coowon http://coowon.com 19. Crusta https://sourceforge.net/projects/crustabrowser 20. Dillo https://www.dillo.org 21. Dolphin http://dolphin.com 22. Dooble https://textbrowser.github.io/dooble 23. Edge https://www.microsoft.com/en-us/windows/microsoft-edge 24. ELinks http://elinks.or.cz 25. Epic https://www.epicbrowser.com 26. Epiphany https://projects-old.gnome.org/epiphany 27. Falkon https://www.falkon.org 28. Firefox https://www.mozilla.org/en-US/firefox/new 29.
    [Show full text]
  • APPLE-Bug PE 2017-10
    September 2016 Volume 37 Number 10 Public Edition Main Presentation: macOS High Sierra - the new bits Free Public Edition of the Apple-Bug Magazine ! Free Apple-Q FOSS Birthday Disk macOS High Sierra for all new members- with up to 30 GB of Freeware & Open Source Software and over 180 Apple-Q HowTo Tutorials! (see details inside) QuickBytes: Travelling with your iPad - QuickBits: iOS 11 - the new bits Apple-Bug September 2016 1 What’s On: Presentations - Sunday 15th October 2017 Main Presentation: QuickBytes: QuickBits: macOS High Sierra Travelling with iOS 11 - the new - the new bits your iPad bits 11:45am -> 12.30pm 2.00 -> 2:30 2:30 -> 2.45 Having recently returned from an overseas holiday, the only electronic items Ken took with him were an iPhone, iPad and camera. He found the iPad invaluable for travelling with, particularly Leigh has been spending his time in light of the vast number of apps updating his system to the newly available. How did he ever survive released macOS High Sierra. previously without one? This has not been without its share of This new version brings some welcome drama as the Cloud server then Come along and listen to all the pros and and useful features. dropped all his settings and returned cons of travelling with the iPad. A complete overhaul of the iPad to its default settings. interface has occurred - e.g., it now has Although he was able to save his new a dock. files to the Cloud others had trouble The swipe up menu is a little easier to accessing these files.
    [Show full text]
  • 8 News and Help
    News and Help The plan is to collate any news in this document. I’ll then archive the content to another document so we can still access it but we only need to access the same document for all the new news. August 2020 Apple Updates, Improvements and Company News macOS Catalina 10.15.6 includes improvements to Apple News, a new option to optimise video streaming on HDR-compatible Mac notebooks for improved battery life, improvements to USB mouse and trackpad handling, and a fix for an issue that could cause the software update process to change the computer's name. 10.15.6 and the corresponding security updates for Mojave and High Sierra address a variety of serious vulnerabilities. Safari 13.1.2 is part of Catalina 10.15.6 and is also available for Mojave and High Sierra. It addresses 11 security issues, some of which can be remotely exploited to execute arbitrary code. iOS 13.6 brings the much-heralded digital car keys feature (initially for very recently made BMWs, and including key sharing via Messages and a 'power reserve' allowing keys to be used up to five hours after the phone's battery runs out). iOS 13.6 and iPadOS 13.6 include Apple News improvements (including audio news), a 'symptoms' category in the Health app, and various changes and fixes relating to software updates, iCloud Drive, Wi-Fi calling, and other features. The updates also address a total of 29 issues that could be variously exploited to execute arbitrary code, view sensitive information, and allow cross-site scripting, among others.
    [Show full text]
  • Today's Leftovers Today's Leftovers
    Published on Tux Machines (http://www.tuxmachines.org) Home > content > today's leftovers today's leftovers By Rianne Schestowitz Created 05/11/2020 - 7:44am Submitted by Rianne Schestowitz on Thursday 5th of November 2020 07:44:46 AM Filed under Misc [1] TenFourFox Development: TenFourFox FPR29b1 available [2] TenFourFox Feature Parity Release 29 beta 1 is now available (downloads, hashes, release notes). Raphaël's JavaScript toggle is back in the Tools menu but actually OlgaTPark gets most of the credit this release for some important backports from mainline Firefox, including fixes to DOM fetch which should improve a number of sites and adding a key combination (Command-Option-R in the default en-US locale) to toggle Reader View. These features require new locale strings, so expect new language packs with this release (tip of the hat to Chris T who maintains them). The usual bug and security fixes apply as well. FPR29 will come out parallel with Firefox 78.5/83 on or about November 17. Ben Hutchings: Debian LTS work, October 2020 [3] I was assigned 6.25 hours of work by Freexian's Debian LTS initiative and carried over 17.5 hours from earlier months. I worked 11.5 hours this month and returned 7.75 hours to the pool, so I will carry over 4.5 hours to December. [...] I updated linux (4.9 kernel) to include upstream stable fixes, and issued DLA-2420-1. This resulted in a regression on some Xen PV environments. Ian Jackson identified the upstream fix for this, which had not yet been applied to all the stable branches that needed it.
    [Show full text]
  • Leopard 10.5.8 Latest Software
    Leopard 10.5.8 latest software Here is a list of the latest software that OS X Leopard supports. If you have software that can be added, tell me in the thread and where to find it, so we can expand the list. A lot of the software is not on the mac repository sites or other sites, some download links are broken and programs or any info about them will be extremely hard to find. I have a lot of free space on my HDD and I store all this software & can send a download link whenever someone needs something (ideal solution is if we can make a file server or make a new updated PCC store). I first used a list from “The Leopard Thread”, sorted everything better (sorry if something isn't in order) and added programs that weren't there before. Also, some of the programs weren't the latest version, so I found the latest, found a serial and added it in the folder. Please, if you want to add something on the list, check if it truly is the latest version for PPC! Also, if some program is put under incorrect label or there is a better version, please tell me in the thread, i want to make it as best as possible! Green Have latest version of the software and a working serial if it needs one Blue Have latest version of the software, but no serial Red Downloaded latest version of the software, but haven’t tested it Magenta I guess that this is the latest version, but can’t find a download link anywhere Black Not downloaded or checked if it works or latest version Bold Black - made a list like this before without checking too much if the programs were latest ​ version & these weren't on the Leopard Thread list, so i copied them & need to check again 1.
    [Show full text]
  • Invisispec: Making Speculative Execution Invisible in the Cache Hierarchy
    InvisiSpec: Making Speculative Execution Invisible in the Cache Hierarchy Mengjia Yany, Jiho Choiy, Dimitrios Skarlatos, Adam Morrison∗, Christopher W. Fletcher, and Josep Torrellas University of Illinois at Urbana-Champaign ∗Tel Aviv University fmyan8, jchoi42, [email protected], [email protected], fcwfletch, [email protected] yAuthors contributed equally to this work. Abstract— Hardware speculation offers a major surface for the attacker’s choosing. Different types of attacks are possible, micro-architectural covert and side channel attacks. Unfortu- such as the victim code reading arbitrary memory locations nately, defending against speculative execution attacks is chal- by speculating that an array bounds check succeeds—allowing lenging. The reason is that speculations destined to be squashed execute incorrect instructions, outside the scope of what pro- the attacker to glean information through a cache-based side grammers and compilers reason about. Further, any change to channel, as shown in Figure 1. In this case, unlike in Meltdown, micro-architectural state made by speculative execution can leak there is no exception-inducing load. information. In this paper, we propose InvisiSpec, a novel strategy to 1 // cache line size is 64 bytes defend against hardware speculation attacks in multiprocessors 2 // secret value V is 1 byte 3 // victim code begins here: Fig. 1: Spectre variant 1 at- by making speculation invisible in the data cache hierarchy. 4 uint8 A[10]; tack example, where the at- InvisiSpec blocks micro-architectural covert and side channels 5 uint8 B[256∗64]; tacker obtains secret value V through the multiprocessor data cache hierarchy due to specula- 6 // B size : possible V values ∗ line size 7 void victim ( size t a) f stored at address X.
    [Show full text]
  • Process: Firefox [56432] Path: /Users/Christophtrusch/Desktop
    Process: firefox [56432] Path: /Users/christophtrusch/Desktop/TenFourFoxDebug.app/Contents/MacOS/firefox Identifier: com.floodgap.tenfourfoxdebug Version: 45.39.0 (4520.11.25) Code Type: PPC (Native) Parent Process: launchd [1] Date/Time: 2020-12-24 12:13:50.297 +0100 OS Version: Mac OS X 10.5.8 (9L31a) Report Version: 6 Anonymous UUID: ACC79CEE-F1D0-4CC3-96FC-6CFFEF5B2942 Exception Type: EXC_BAD_ACCESS (SIGBUS) Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000 Crashed Thread: 0 Thread 0 Crashed: 0 XUL 0x0aa87964 __ZNK2js12NativeObject7getSlotEj.part.767 + 56 1 XUL 0x0a0fb79c __ZN2js11ScopeObject10aliasedVarENS_15ScopeCoordinateE.isra.798 + 472 2 XUL 0x0a11c608 __ZL9InterpretP9JSContextRN2js8RunStateE + 21332 3 XUL 0x0a126a24 js::RunScript(JSContext*, js::RunState&) + 348 4 XUL 0x0a126e50 js::Invoke(JSContext*, JS::CallArgs const&, js::MaybeConstruct) + 664 5 XUL 0x0a1181e0 __ZL9InterpretP9JSContextRN2js8RunStateE + 3884 6 XUL 0x0a126a24 js::RunScript(JSContext*, js::RunState&) + 348 7 XUL 0x0a126e50 js::Invoke(JSContext*, JS::CallArgs const&, js::MaybeConstruct) + 664 8 XUL 0x0a1181e0 __ZL9InterpretP9JSContextRN2js8RunStateE + 3884 9 XUL 0x0a126a24 js::RunScript(JSContext*, js::RunState&) + 348 10 XUL 0x0a126e50 js::Invoke(JSContext*, JS::CallArgs const&, js::MaybeConstruct) + 664 11 XUL 0x0a127ba4 js::Invoke(JSContext*, JS::Value const&, JS::Value const&, unsigned int, JS::Value const*, JS::MutableHandle<JS::Value>) + 640 12 XUL 0x09f41b3c JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray
    [Show full text]
  • Manually Update Firefox Mac Os X 10.4 11
    Manually Update Firefox Mac Os X 10.4 11 Mozilla Firefox for Mac 38.0.5: Mozilla sets the benchmark for web browsers. Mozilla Firefox is a free, free download and install mozilla firefox 2013. Apple wants us to recycle our perfectly good classic Macs and stick us on the soulless consumer treadmill. We're not only compatible with Mac OS X 10.4 and 10.5, but we also build our browser 31.8.0 is a security update for TenFourFox. Oct 31, 2014. I have an old Mac G4 with 10.4.11 OS and Safari 4.1.3 as my search engine. You won't be able to install the modern versions of FireFox either, there is a port. TenFourFox is a simple, clean and intuitive Mac OS X application that enables you to enjoy the TenFourFox uses the industry standard Mozilla Firefox browser and rewrite it in order to make it compatible with Mac OS X 10.4 and 10.5. an update. web browser Firefox PPC internet browser web browser website web site. Install Firefox with MacUpdate Desktop. Install Now Firefox 3.6.28 for OS X 10.4.11 firefox mac 10.4.11 free download (Mac) - Mozilla Firefox for Mac 38.0.1:. Please install the USB driver, then use the USB flash update which updates the FireWire firmware as well. 03/19/2015 11/03/2009, fut_win_fire_800.zip OS X. Download in Firefox: Right click the driver file (*.gz) and choose "Save target. Mac OS X (10.4 or up) PowerPC driver for Fireface 400 / 800, version 2.62a.
    [Show full text]
  • Revue D'actualité
    Revue d’actualité 10/07/2018 Préparée par Arnaud SOULLIE @arnaudsoullie Vllaid.ilimir K0iLLjA @myinlamleijsv_ David PELTIER Étienne Baudin @etiennebaudin Failles / Bulletins / Advisories Failles / Bulletins / Advisories (MMSBGA) Microsoft - Avis MS18-051 Vulnérabilités dans Internet Explorer (4 CVE) ● Exploit: ○ 3 x Exécution de code à distance ■ Publiée publiquement: CVE-2018-8267 ○ 1 x Contournement d'ASLR ● Crédits: ○ Eric Lawrence (CVE-2018-8113) ○ Mateusz Garncarek de ING Tech Poland Piotr Madej de ING Tech Poland (CVE-2018-0978) ○ Scott Bell de Security-Assessment.com (CVE-2018-8249) ○ Dmitri Kaslov de Telspace Systems par Trend Micro's Zero Day Initiative (CVE-2018-8267) MS18-052 Vulnérabilités dans Edge (8 CVE) ● Exploit: ○ 5 x Exécution de code à distance ○ 1 x Contournement d'ASLR Dont 0 communes avec IE: ○ 2 x Fuite d'information ● Crédits: ○ Yunhai Zhang de NSFOCUS (CVE-2018-8111) ○ Jake Archibald - Google - https://jakearchibald.com (CVE-2018-8235) ○ Marcin Towalski (@mtowalski1) (CVE-2018-8110) ○ Michael Holman, Microsoft Chakra Core Team (CVE-2018-8227) ○ Zhenhuan Li(@zenhumany) de Tencent Zhanlu Lab (CVE-2018-8234) ○ Ziyahan Albeniz de Netsparker (CVE-2018-0871) ○ Yuki Chen de Qihoo 360 Vulcan Team, Chakra par Trend Micro's Zero Day Initiative (CVE-2018-8236) ○ Lokihardt de Google Project Zero (CVE-2018-8229) Failles / Bulletins / Advisories (MMSBGA) Microsoft - Avis MS18-053 Vulnérabilités in Windows (4 CVE) ● Affecté: ○ Windows toutes versions supportées ● Exploit: ○ 1 x Déni de service ○ 2 x Exécution de code à distance
    [Show full text]