Security Vulnerability – Meltdown & Spectre

The most recently critical vulnerabilities that called Meltdown and Spectre which will disclose information from operating system that caused by a fundamental design flaw in Intel’s processors.

Google Project Zero has disclosed this the Vulnerability Note (VU#584653). Click HERE to read it.

Question: Are we affected by this Vulnerability?

Answer: Mostly likely yes:

  • The chip vendors Intel, AMD and ARM are affected.
  • Windows, Linux (Android included) and macOS are affected
  • Cloud service vendors such as AWS and AliCloud are affected

To make sure yourself safe from this vulnerability, please keep updated on the newly released patches and apply them when available.

Patching this vulnerability is more difficult than usual: It happens on hardware level, affects multiple platforms, including varies version of mobile and IoT devices.

Some of the big vendors are already giving feedback about their patching status:

  • VMware: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
  • AMD: https://www.amd.com/en/corporate/speculative-execution
  • Red Hat: https://access.redhat.com/security/vulnerabilities/speculativeexecution
  • Nvidia: https://forums.geforce.com/default/topic/1033210/nvidias-response-to-speculative-side-channels-cve-2017-5753-cve-2017-5715-and-cve-2017-5754/
  • Xen: https://xenbits.xen.org/xsa/advisory-254.html
  • ARM: https://developer.arm.com/support/security-update
  • Amazon: https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
  • Mozilla: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

If you wish to learn more about this vulnerability, please refer to the following link:

https://meltdownattack.com/

https://social.technet.microsoft.com/wiki/contents/articles/51021.mitgations-for-speculative-execution-side-channel-vulnerabilities-meltdown-spectre.aspx

https://support.microsoft.com/en-gb/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software

 

Thunderbird Incoming email issue : mail server not responsed: Message corrupted

 

I facing issue that my Thunderbird failed sync exchange email to my Thunderbird mail client.I’m getting the following error:-

The RETR command did not succeed. Error retrieving a message. Mail server mailserver.com.my responded: Message corrupted

From the above error already indicates an error on the server and not in Thunderbird. There is a corrupted email in email inbox.

To solve this issue, first you have to logon to webmail and check all the email to find out any abnormal email and remove it. If you not sure which email is corrupted email, you just empty you webmail inbox. Once done, you try to re-sync or re-download email from your Thunderbird. Latest email should be able to come in without any issue.

 

 

How to install telnet on macOS high Sierra?

I just noticed that telnet was removed after i upgrade my Mac to High Sierra (10.13).

In this post, i going to show your guys how to restore telnet on my Mac OS X 10.13.

First, you need to make sure your Mac OS X already installed with homebrew. If not let’s type following command to install it:-

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

Reference link : https://brew.sh/

Once you have homebrew install on your Mac OS X, run the following command to install telnet

brew install telnet