Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2018.0049
ADV180002 | Vulnerability in CPU Microcode Could Allow
Information Disclosure
4 January 2018
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Internet Explorer 11
Microsoft Edge
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Publisher: Microsoft
Operating System: Windows
Impact/Access: Access Privileged Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Reference: ASB-2018.0002.2
ESB-2018.0048
ESB-2018.0047
ESB-2018.0046
ESB-2018.0044
ESB-2018.0042
Original Bulletin:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002
- --------------------------BEGIN INCLUDED TEXT--------------------
ADV180002 | Vulnerability in CPU Microcode Could Allow Information Disclosure
Security Vulnerability
Security Advisory
Published: 01/03/2018
Executive Summary
Microsoft is aware of a new publicly disclosed class of vulnerabilities
referred to as "speculative execution side-channel attacks" that affect many
modern processors and operating systems including Intel, AMD, and ARM. Note:
this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we
advise customers to seek out guidance from those vendors.
Microsoft has released several updates to help mitigate these vulnerabilities.
We have also taken action to secure our cloud services. See below for more
details.
Microsoft has not received any information to indicate that these
vulnerabilities have been used to attack customers at this time. Microsoft
continues working closely with industry partners including chip makers,
hardware OEMs and app vendors to protect customers. To get all available
protections, hardware/firmware and software updates are required. This includes
microcode from device OEMs and in some cases updates to AV software as well.
This advisory addresses the following vulnerabilities:
o CVE-2017-5715 - Bounds check bypass
o CVE-2017-5753 - Branch target injection
o CVE-2017-5754 - Rogue data cache load
Recommended Actions
For consumers, the best protection is to keep your computers up to date. You
can do this by taking advantage of automatic update. Learn how to turn on
automatic updates here. In addition to installing the January 2018 Windows
security updates, you may also need to install firmware updates from your
device manufacturer for increased protection. Check with your device
manufacturer for relevant updates.
If automatic updates are enabled, the January 2018 Windows security update will
be offered to the devices running supported anti-virus (AV) applications.
Updates can be installed in any order.
1. If you have automatic updating enabled and configured to provide updates
for Windows, the updates are delivered to you when they are released, if
your device and software are compatible. We recommend you verify these
updates are installed. If automatic update is not enabled, manually check
for and install the January 2018 Windows operating system security update.
2. Install applicable firmware update provided by your OEM device
manufacturer.
Potential performance impacts
In testing Microsoft has seen some performance impact with these mitigations.
For most consumer devices, the impact may not be noticeable, however, the
specific impact varies by hardware generation and implementation by the chip
manufacturer. Microsoft values the security of its software and services and
has made the decision to implement certain mitigation strategies in an effort
to better secure our products. We continue to work with hardware vendors to
improve performance while maintaining a high level of security.
Advisory Details
Vulnerabilities Description
Speculative execution side-channel vulnerabilities can be used to read the
content of memory across a trusted boundary and can therefore lead to
information disclosure. There are multiple vectors by which an attacker could
trigger the vulnerabilities depending on the configured environment.
Microsoft has been working with hardware and software makers to jointly develop
mitigations to protect customers across Microsoft's products and services.
These mitigations prevent attackers from triggering a weakness in the CPU which
could allow the contents of memory to be disclosed.
Microsoft Windows client customers
In client scenarios, a malicious user mode application could be used to
disclose the contents of kernel memory.
Customers using Windows client operating systems including Windows 7 Service
Pack 1, Windows 8.1, and Windows 10 need to apply both firmware and software
updates. See Microsoft Knowledge Base Article 4073119 for additional
information.
Customers using Microsoft Surface and Surface Book products need to apply both
firmware and software updates. Most customers have automatic updating enabled
and will not need to take any action because this security update will be
downloaded and installed automatically.
Microsoft will continue to work closely with industry partners to improve
mitigations against this class of vulnerabilities.
Microsoft Windows Server customers
In server scenarios, a malicious user-mode application could be used to
disclose the contents of kernel memory. In other multi-tenant hosting
environments, a virtual machine could read the memory of the host operating
system or the memory of other guest operating systems running on the same
physical machine.
Customers using Windows server operating systems including Windows Server 2008
R2 Service Pack 1, Windows Server 2012 R2, and Windows Server 2016 need to
apply firmware and software updates as well as configure protections. See
Microsoft Knowledge Base Article 4072698 for additional information, including
workarounds.
Microsoft will continue to work closely with industry partners to improve
mitigations against this class of vulnerabilities.
Microsoft cloud customers
Microsoft has already deployed mitigations across the majority of our cloud
services and is accelerating efforts to complete the remainder. More
information is available here.
FAQ
1. What systems are at risk from this vulnerability?
o Client Operating Systems Windows Windows client systems are at risk
o Server Operating Systems Windows servers are at risk
2. What are the associated CVEs for these vulnerabilities?
o See CVE-2017-5715
o See CVE-2017-5753
o See CVE-2017-5754
3. Have there been any active attacks detected?
No. When this security advisory was issued, Microsoft had not received any
information to indicate that these vulnerabilities had been used to attack
customers.
4. Have these vulnerabilities been publicly disclosed?
Yes. The vulnerabilities were disclosed on January 3, 2018 at https://
bugs.chromium.org/p/project-zero/issues/detail?id=1272
5. I was not offered the Windows security updates released on January 3, 2018.
What should I do?
To help avoid adversely affecting customer devices, the Windows security
updates released on January 9th, 2018 have only been offered to devices running
compatible antivirus software. Please see Microsoft Knowledge Base Article
4072699 for more information about how to get the updates.
Additional suggested actions
o Protect your PC We continue to encourage customers to follow our Protect
Your Computer guidance of enabling a firewall, getting software updates,
and installing antivirus software. For more information, see Microsoft
Safety & Security Center.
o Keep Microsoft software updated Users running Microsoft software should
apply the latest Microsoft security updates to help make sure that their
computers are as protected as possible. If you are not sure whether your
software is up to date, visit Microsoft Update, scan your computer for
available updates, and install any high-priority updates that are offered
to you. If you have automatic updating enabled and configured to provide
updates for Microsoft products, the updates are delivered to you when they
are released, but you should verify that they are installed.
Acknowledgments
o Jann Horn of Google Project Zero
o Paul Kocher
o Moritz Lipp from Graz University of Technology
o Daniel Genkin from University of Pennsylvania and University of Maryland
o Daniel Gruss from Graz University of Technology
o Werner Haas of Cyberus Technology GmbH
o Mike Hamburg of Rambus Security Division
o Stefan Mangard from Graz University of Technology
o Thomas Prescher of Cyberus Technology GmbH
o Michael Schwarz from Graz University of Technology
o Yuval Yarom of The University of Adelaide and Data61
o Additional information on the Meltdown and Spectre attacks can be found at
their respective web sites.
o Anders Fogh of GDATA Advanced Analytics
Exploitability Assessment
The following table provides an exploitability assessment for this vulnerability at the time of original
publication.
Publicly Exploited Latest Software Release Older Software Release Denial of Service
Disclosed
No No 2 - Exploitation Less Not Applicable 2 - Exploitation Not Not
Likely Less Likely Applicable Applicable
o Affected Products
o CVSS Score
Affected Products
The following software versions or editions are affected. Versions or editions
that are not listed are either past their support life cycle or are not
affected. To determine the support life cycle for your software version or
edition, see the Microsoft Support Lifecycle.
Product Platform Article Download Impact Severity Supersedence
Windows
10 Security
Internet Version 4056891 Update Information Important 4053580
Explorer 11 1703 for 4056891 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Internet Version 4056891 Update Information Important 4053580
Explorer 11 1703 for 4056891 Security Disclosure
x64-based Update
Systems
Windows
10 Security
Internet Version 4056892 Update Information Important 4054517
Explorer 11 1709 for 4056892 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Internet Version 4056892 Update Information Important 4054517
Explorer 11 1709 for 4056892 Security Disclosure
64-based Update
Systems
Windows Security
Internet 10 for 4056893 Update Information Important 4053581
Explorer 11 32-bit 4056893 Security Disclosure
Systems Update
Windows Security
Internet 10 for 4056893 Update Information Important 4053581
Explorer 11 x64-based 4056893 Security Disclosure
Systems Update
Windows
10 Security
Internet Version 4056893 Update Information Important 4053581
Explorer 11 1511 for 4056893 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Internet Version 4056893 Update Information Important 4053581
Explorer 11 1511 for 4056893 Security Disclosure
x64-based Update
Systems
Windows
10 Security
Internet Version 4056890 Update Information Important 4053579
Explorer 11 1607 for 4056890 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Internet Version 4056890 Update Information Important 4053579
Explorer 11 1607 for 4056890 Security Disclosure
x64-based Update
Systems
Windows Security
Internet Server 4056890 Update Information Important 4053579
Explorer 11 2016 4056890 Security Disclosure
Update
Windows 7
for IE
Internet 32-bit 4056568 Cumulative Information Important 4052978
Explorer 11 Systems 4056568 IE Disclosure
Service Cumulative
Pack 1
Windows 7
for IE
Internet x64-based 4056568 Cumulative Information Important 4052978
Explorer 11 Systems 4056568 IE Disclosure
Service Cumulative
Pack 1
Windows IE
Internet 8.1 for 4056568 Cumulative Information Important 4052978
Explorer 11 32-bit 4056568 IE Disclosure
systems Cumulative
Windows IE
Internet 8.1 for 4056568 Cumulative Information Important 4052978
Explorer 11 x64-based 4056568 IE Disclosure
systems Cumulative
Windows
Server
2008 R2 IE
Internet for 4056568 Cumulative Information Important 4052978
Explorer 11 x64-based 4056568 IE Disclosure
Systems Cumulative
Service
Pack 1
Windows IE
Internet Server 4056568 Cumulative Information Important 4052978
Explorer 11 2012 R2 4056568 IE Disclosure
Cumulative
Windows
10 Security
Microsoft Version 4056891 Update Information Important 4053580
Edge 1703 for 4056891 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Microsoft Version 4056891 Update Information Important 4053580
Edge 1703 for 4056891 Security Disclosure
x64-based Update
Systems
Windows
10 Security
Microsoft Version 4056892 Update Information Important 4054517
Edge 1709 for 4056892 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Microsoft Version 4056892 Update Information Important 4054517
Edge 1709 for 4056892 Security Disclosure
64-based Update
Systems
Windows Security
Microsoft 10 for 4056893 Update Information Important 4053581
Edge 32-bit 4056893 Security Disclosure
Systems Update
Windows Security
Microsoft 10 for 4056893 Update Information Important 4053581
Edge x64-based 4056893 Security Disclosure
Systems Update
Windows
10 Security
Microsoft Version 4056888 Update Information Important 4053578
Edge 1511 for 4056888 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Microsoft Version 4056888 Update Information Important 4053578
Edge 1511 for 4056888 Security Disclosure
x64-based Update
Systems
Windows
10 Security
Microsoft Version 4056890 Update Information Important 4053579
Edge 1607 for 4056890 Security Disclosure
32-bit Update
Systems
Windows
10 Security
Microsoft Version 4056890 Update Information Important 4053579
Edge 1607 for 4056890 Security Disclosure
x64-based Update
Systems
Windows Security
Microsoft Server 4056890 Update Information Important 4053579
Edge 2016 4056890 Security Disclosure
Update
Windows 10 Security
for 32-bit 4056893 Update Information Important 4053581
Systems 4056893 Security Disclosure
Update
Windows 10 Security
for x64-based 4056893 Update Information Important 4053581
Systems 4056893 Security Disclosure
Update
Windows 10 Security
Version 1511 4056888 Update Information Important 4053578
for 32-bit 4056888 Security Disclosure
Systems Update
Windows 10 Security
Version 1511 4056888 Update Information Important 4053578
for x64-based 4056888 Security Disclosure
Systems Update
Windows 10 Security
Version 1607 4056890 Update Information Important 4053579
for 32-bit 4056890 Security Disclosure
Systems Update
Windows 10 Security
Version 1607 4056890 Update Information Important 4053579
for x64-based 4056890 Security Disclosure
Systems Update
Windows 10 Security
Version 1703 4056891 Update Information Important 4053580
for 32-bit 4056891 Security Disclosure
Systems Update
Windows 10 Security
Version 1703 4056891 Update Information Important 4053580
for x64-based 4056891 Security Disclosure
Systems Update
Windows 10 Security
Version 1709 4056892 Update Information Important 4054517
for 32-bit 4056892 Security Disclosure
Systems Update
Windows 7 for Security
32-bit 4056897 Only Information
Systems 4056897 Security Disclosure Important
Service Pack Only
1
Windows 7 for Security
x64-based 4056897 Only Information
Systems 4056897 Security Disclosure Important
Service Pack Only
1
Windows 8.1 Security
for 32-bit 4056898 Only Information Important
systems 4056898 Security Disclosure
Only
Windows 8.1 Security
for x64-based 4056898 Only Information Important
systems 4056898 Security Disclosure
Only
Windows
Server 2008 Security
R2 for 4056897 Only Information
Itanium-Based 4056897 Security Disclosure Important
Systems Only
Service Pack
1
Windows
Server 2008 Security
R2 for 4056897 Only Information
x64-based 4056897 Security Disclosure Important
Systems Only
Service Pack
1
Windows
Server 2008
R2 for Security
x64-based 4056897 Only Information
Systems 4056897 Security Disclosure Important
Service Pack Only
1 (Server
Core
installation)
Security
Windows 4056899 Only Information Important
Server 2012 4056899 Security Disclosure
Only
Windows Security
Server 2012 4056899 Only Information Important
(Server Core 4056899 Security Disclosure
installation) Only
Windows Security
Server 2012 4056898 Only Information Important
R2 4056898 Security Disclosure
Only
Windows Security
Server 2012 4056898 Only Information
R2 (Server 4056898 Security Disclosure Important
Core Only
installation)
Security
Windows 4056890 Update Information Important 4053579
Server 2016 4056890 Security Disclosure
Update
Windows Security
Server 2016 4056890 Update Information Important 4053579
(Server Core 4056890 Security Disclosure
installation) Update
Windows Security
Server, 4056892 Update Information
version 1709 4056892 Security Disclosure Important 4054517
(Server Core Update
Installation)
CVSS Score
The following software versions or editions that are affected have been scored
against this vulnerability. Please read the CVSS standards guide to fully
understand how CVSS vulnerabilities are scored, and how to interpret CVSS
scores.
Excel Icon Download
Product Platform Scores Vector
Base Temporal String Environmental
Windows 10
Internet Explorer 11 Internet Version 1703 0 0
Explorer 11 for 32-bit
Systems
Windows 10
Internet Explorer 11 Internet Version 1703 0 0
Explorer 11 for x64-based
Systems
Windows 10
Internet Explorer 11 Internet Version 1709 0 0
Explorer 11 for 32-bit
Systems
Windows 10
Internet Explorer 11 Internet Version 1709 0 0
Explorer 11 for 64-based
Systems
Internet Explorer 11 Internet Windows 10
Explorer 11 for 32-bit 0 0
Systems
Internet Explorer 11 Internet Windows 10
Explorer 11 for x64-based 0 0
Systems
Windows 10
Internet Explorer 11 Internet Version 1511 0 0
Explorer 11 for 32-bit
Systems
Windows 10
Internet Explorer 11 Internet Version 1511 0 0
Explorer 11 for x64-based
Systems
Windows 10
Internet Explorer 11 Internet Version 1607 0 0
Explorer 11 for 32-bit
Systems
Windows 10
Internet Explorer 11 Internet Version 1607 0 0
Explorer 11 for x64-based
Systems
Internet Explorer 11 Internet Windows 0 0
Explorer 11 Server 2016
Windows 7 for
Internet Explorer 11 Internet 32-bit
Explorer 11 Systems 0 0
Service Pack
1
Windows 7 for
Internet Explorer 11 Internet x64-based
Explorer 11 Systems 0 0
Service Pack
1
Internet Explorer 11 Internet Windows 8.1
Explorer 11 for 32-bit 0 0
systems
Internet Explorer 11 Internet Windows 8.1
Explorer 11 for x64-based 0 0
systems
Windows
Server 2008
Internet Explorer 11 Internet R2 for
Explorer 11 x64-based 0 0
Systems
Service Pack
1
Internet Explorer 11 Internet Windows
Explorer 11 Server 2012 0 0
R2
Windows 10
Microsoft Edge Microsoft Edge Version 1703 0 0
for 32-bit
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1703 0 0
for x64-based
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1709 0 0
for 32-bit
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1709 0 0
for 64-based
Systems
Windows 10
Microsoft Edge Microsoft Edge for 32-bit 0 0
Systems
Windows 10
Microsoft Edge Microsoft Edge for x64-based 0 0
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1511 0 0
for 32-bit
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1511 0 0
for x64-based
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1607 0 0
for 32-bit
Systems
Windows 10
Microsoft Edge Microsoft Edge Version 1607 0 0
for x64-based
Systems
Microsoft Edge Microsoft Edge Windows 0 0
Server 2016
Windows 10 for 32-bit Systems 0 0
Windows 10 for 32-bit Systems
Windows 10 for x64-based
Systems Windows 10 for 0 0
x64-based Systems
Windows 10 Version 1511 for
32-bit Systems Windows 10 0 0
Version 1511 for 32-bit
Systems
Windows 10 Version 1511 for
x64-based Systems Windows 10 0 0
Version 1511 for x64-based
Systems
Windows 10 Version 1607 for
32-bit Systems Windows 10 0 0
Version 1607 for 32-bit
Systems
Windows 10 Version 1607 for
x64-based Systems Windows 10 0 0
Version 1607 for x64-based
Systems
Windows 10 Version 1703 for
32-bit Systems Windows 10 0 0
Version 1703 for 32-bit
Systems
Windows 10 Version 1703 for
x64-based Systems Windows 10 0 0
Version 1703 for x64-based
Systems
Windows 10 Version 1709 for
32-bit Systems Windows 10 0 0
Version 1709 for 32-bit
Systems
Windows 7 for 32-bit Systems
Service Pack 1 Windows 7 for 0 0
32-bit Systems Service Pack 1
Windows 7 for x64-based
Systems Service Pack 1 Windows 0 0
7 for x64-based Systems
Service Pack 1
Windows 8.1 for 32-bit systems 0 0
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based
systems Windows 8.1 for 0 0
x64-based systems
Windows Server 2008 R2 for
Itanium-Based Systems Service
Pack 1 Windows Server 2008 R2 0 0
for Itanium-Based Systems
Service Pack 1
Windows Server 2008 R2 for
x64-based Systems Service Pack
1 Windows Server 2008 R2 for 0 0
x64-based Systems Service Pack
1
Windows Server 2008 R2 for
x64-based Systems Service Pack
1 (Server Core installation) 0 0
Windows Server 2008 R2 for
x64-based Systems Service Pack
1 (Server Core installation)
Windows Server 2012 Windows 0 0
Server 2012
Windows Server 2012 (Server
Core installation) Windows 0 0
Server 2012 (Server Core
installation)
Windows Server 2012 R2 Windows 0 0
Server 2012 R2
Windows Server 2012 R2 (Server
Core installation) Windows 0 0
Server 2012 R2 (Server Core
installation)
Windows Server 2016 Windows 0 0
Server 2016
Windows Server 2016 (Server
Core installation) Windows 0 0
Server 2016 (Server Core
installation)
Windows Server, version 1709
(Server Core Installation) 0 0
Windows Server, version 1709
(Server Core Installation)
Mitigations
Microsoft has not identified any mitigating factors for this vulnerability.
Workarounds
Microsoft has not identified any workarounds for this vulnerability.
FAQ
Acknowledgments
Microsoft recognizes the efforts of those in the security community who help us
protect customers through coordinated vulnerability disclosure.
See acknowledgments for more information.
Disclaimer
The information provided in the Microsoft Knowledge Base is provided "as is"
without warranty of any kind. Microsoft disclaims all warranties, either
express or implied, including the warranties of merchantability and fitness for
a particular purpose. In no event shall Microsoft Corporation or its suppliers
be liable for any damages whatsoever including direct, indirect, incidental,
consequential, loss of business profits or special damages, even if Microsoft
Corporation or its suppliers have been advised of the possibility of such
damages. Some states do not allow the exclusion or limitation of liability for
consequential or incidental damages so the foregoing limitation may not apply.
Revisions
Version Date Description
1.0 01/03/2018 Information published.
This vulnerability has no revisions.
(C) 2017 Microsoft
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWk27bIx+lLeg9Ub1AQiEUxAApHA5tcwZqtWNyAcG38lQbx0KzR8uRmjf
sVXQ6PICP4WJ67TOMh4vSmvy/UDciUIhm3gkIs2rlTuXgs5ATpabi6n9uV7sOlL4
Gduh+EX9uAbcsqN6sVhvtyoLAHUBxQZwsPvGnrfTdR2PlWaGdOoOXI1F+pB/tyyX
tzZt5KEllV5tw1k9dgKVE/uZaGolTTsK2lhqmA63i9ejzT6PMQN8t31tbomtS+2o
Zqm5TDU+jJdeyNbmHai/a/kF4KM957RvWoZYy95rwajOXsJ519x4m/artLL4/deb
17IDDrDSlid0buYqugifuDgtSPpmiEHnjMgxBokCUMszgCLakZuX/FxudmNUMYUs
97FWp7o50McgRzB/HmWTw8yFeQyP4aRRcJhevMIyrsB+dfx/qJS/1bEqCUKq/aVC
iFex8zNA6pd+Pkwjw/LAdfU3xpY7XmM7qnwaXW7b6TfWBMIyso82i6cH4GprrPrJ
oXMaJhEXIzVDviVMxwW10zyqsWOhVx4EIC83sME6vY8b2KLNKEbn035aE1EF9PVn
59pZ3c+GUfytqh8VtW9iipLLBxKhsa7Y2lUEZvET/VlzIGUMhIufRi27P6UeT0VD
uhS7KKJp+oX13YBKvG0g5zK5t8EJ6tieCvZs0u0QVSjWIG1XUPdzuhLA9tB9spUJ
VGeISycGgrE=
=O8G0
-----END PGP SIGNATURE-----