ESB-2018.1962 - [Win] Apple Boot Camp: Multiple vulnerabilities 2018-07-06

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1962
               Apple patches KRACK attack in Boot Camp 6.4.0
                                6 July 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apple Boot Camp
Publisher:         Apple
Operating System:  Windows
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated      
                   Provide Misleading Information -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-13080 CVE-2017-13078 CVE-2017-13077

Reference:         ESB-2017.2620
                   ESB-2017.2766
                   ESB-2017.2778

Original Bulletin: 
   https://support.apple.com/en-au/ht201222

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-05-1 Wi-Fi Update for Boot Camp 6.4.0

Wi-Fi Update for Boot Camp 6.4.0 is now available and addresses the
following:

Wi-Fi
Available for the following machines while running Boot Camp:
MacBook (Late 2009 and later), MacBook Pro (Mid 2010 and later),
MacBook Air (Late 2010 and later), Mac mini (Mid 2010 and later),
iMac (Late 2009 and later), and Mac Pro (Mid 2010 and later)
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
unicast/PTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at
KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at
KU Leuven

Wi-Fi
Available for the following machines while running Boot Camp:
MacBook (Late 2009 and later), MacBook Pro (Mid 2010 and later),
MacBook Air (Late 2010 and later), Mac mini (Mid 2010 and later),
iMac (Late 2009 and later), and Mac Pro (Mid 2010 and later)
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at
KU Leuven

Installation note:

Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software
Update for Windows. Information about using Apple Software Update
for Windows is available at:
https://support.apple.com/KB/HT208038

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAls+eK0ACgkQ8ecVjteJ
iCZtWBAAyZFkY+MjJXSZMO6fr7tQdGHK+GZRlV3s7UUh6xFzz+FelguPLTDrnF8f
+iVaO35ftkGh52rNdczRAM5oBmCEgM/PQKtqaxIv0SlINTwMgcGqPvZpbBP3d8iV
Ow7yzmiVlpzHpvcDlkFLvo1jN1nPqXeyDiBW1tzQerc3RXJZsq6TZ+hZ4y4oaGJF
YKf4cdMxiWge+iFQhAkYsoWoAvodLwNi6CQX8VHI1JqYpkoDM3DCwhjwnqmk3Yl9
VC5B8GWHhFHSAfWLz9zu9ffm+CgptGUcUxsEbbfWhIrsdgT/RFHklwfSWcPzgdfS
JZWIgptzvQBCWa3bUszpRN9wcYbQCKV1ZpyMsFOesO7UKHIG4Z7+GaH5f8Dreu4j
KLbJsCpKPBcP4SLm7yaC5Kjwl1BIYimnbcMSLBWLFHBhrXX0FypnOF4TUj7tNMmK
3IUzbf3GLuVFGiTAxPR7oqk/sFNIhjEM0AjtswSjYA5nfFRFkHxPQqn0E4jZ+HNP
3wKZIZ2U1qT/CHecFJ+W7J9XgG6t5HeHN14wkWwdxRBsB6DyMY48epXeoJPo9haT
0G1kCMfZFBHV2c7cct2pjbgCl8bzWcLZ7atT3GsQjdmQegzTPN9B8xSgB3Clv73f
rlLE63BBmH/Ft5TpATTs+R0cF+lJEQm94h6Hl3NRm9o7665BuY0=
=JpXa
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWz7fEGaOgq3Tt24GAQigPxAAm/Lhtaw93M4Dnn5eUbnlwJLA/M/DA3RY
2uzR5MrOmrW3anAtLIoHX/jxdsN8WD5uERii2Kn//e/DGSriRgWa2YVsQ166bqbw
KorONG2Uiw8N/d4SveqiHU8H5rTTe0RdTrIwondMzsxo1ydRFgBThDEKPQqlDtTk
OIMfL1+Mye/SN/Gz80Pb3PwuMV7ZtZxKMYmnxRvkdME1aWfl/mfyXERdEeiiXMCw
hopN6xIerFjboCGRWKOCmV5vY/iRxHxXN1FGrRS9gJQdURfZi2cgy6knwyNeJiW9
gJQ0MfTPP8RL2dJW6Eg9zmR5NxZGTJxBtz2EB4ig6ccEQMRYo+TseSOK7C8BhIYk
dIqbWpZOHdQBtWB7p81MCTOK8jqE9RGovU7UQDXWZ9pokm4dxUdyLpBvfmPJVx/9
6hTyRBqRLtaj541ZdKOinK2jVFez+6VbSN8TphM0CuBbs1/JLDqAm3+Npxoc8tmY
96QlNsSEWINbcuw0T9ZtzbD7BGOkg7mIx8JbMQIVX4RI+TW2dvBARh8D9HojFFq1
hEhsH/KHJ7fLVPdwcIzdAjTdVrsBfqARNISGYa5LQiWTZeySF2pY9fgXF1N5UdyM
LQbAbMbnWNbz/esVNVUq9blYs+KMAF0bbZEvTgPehX24cG916za5gtnCJf5VzLSo
R8puNIWg3YM=
=36Ss
-----END PGP SIGNATURE-----

« Back to bulletins