Tag Archives: cert

IEEE P1735 漏洞,又是 Padding Oracle Attack...

在「IEEE P1735 Encryption Is Broken—Flaws Allow Intellectual Property Theft」這邊看到 US-CERT 發表的「IEEE P1735 implementations may have weak cryptographic protections」,裡面提到的主要漏洞: The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. … Continue reading

Posted in Computer, Murmuring, Network, Privacy, Programming, Security|Tagged , , , , , , , , , , , , , , |Leave a comment

Savitech (盛微) 的 USB 音效驅動程式會安裝 Root CA (被發了 CVE-2017-9758)

在 Hacker News 上看到 CERT 的「Savitech USB audio drivers install a new root CA certificate」提到 Savitech USB audio driver 會安裝自己的 Root CA: Savitech provides USB audio drivers for a number of specialized audio products. Some versions of the Savitech driver … Continue reading

Posted in Computer, Murmuring, OS, Privacy, Programming, Security, Software, Windows|Tagged , , , , , , , , , , , , , , , |Leave a comment