Cisco Blogs


Cisco Blog > Threat Research

Talos Identifies Multiple Memory Corruption Issues in Quicktime

Update 2015-08-21: This post has been updated to reflect an additional advisory released on August 20.

Talos, in conjunction with Apple’s security advisories issued on August 13 and August 20, has released six advisories for vulnerabilities that Talos found in Apple Quicktime. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been reported to Apple and CERT.  This post serves as a summary for the advisories being released in coordination with Apple and CERT.

Ryan Pentney and Richard Johnson of Talos are credited with the discovery of these vulnerabilities.

Read More »

Tags: , , ,

Vulnerability Spotlight: Apple Quicktime Corrupt stbl Atom Remote Code Execution

This post was authored by Rich Johnson, William Largent, and Ryan Pentney. Earl Carter contributed to this post.

Cisco Talos, in conjunction with Apple’s security advisory issued on June 30th,  is disclosing the discovery of a remote code execution vulnerability within Apple Quicktime. This vulnerability was initially discovered by the Talos Vulnerability Research & Development Team and reported in accordance with responsible disclosure policies to Apple.

There is a remote code execution vulnerability in Apple Quicktime (TALOS-2015-0018/CVE-2015-3667). An attacker who can control the data inside an stbl atom in a .MOV file can cause an undersized allocation which can lead to an out-of-bounds read. An attacker can use this to create a use-after-free scenario that could lead to remote code execution.

There is a function within QuickTime (QuickTimeMPEG4!0x147f0) which is responsible for processing the data in an hdlr atom. There is a 16-byte memory region, allocated near the beginning of the function, if the hdlr subtype field in an mdia atom is set to ‘vide’, this reference is passed to a set of two functions.

apple-qt-stbl-0

Read More »

Tags: , , , , , , ,

Welcome to the Network: Wi-Fi Wearables

It’s no surprise that wearable devices are increasingly Wi-Fi enabled.

wifi wearables

With Apple’s recent announcement of Wi-Fi support for Apple Watch and rumors that Google will bring Wi-Fi capabilities to Android Wear, wireless connectivity will continue to drive changes in the way we work and play. As more employees opt to use wearable devices in their personal and professional lives, the traditional boundaries of the workspace will become more fluid. Read More »

Tags: , , , , , ,

“Brick by Brick”

Undoubtedly you heard the news last week of Apple CEO Tim Cook’s open letter in which he publicly acknowledges his sexuality and expresses deep pride in being gay.  While the headline alone is remarkable – the real treasure can be mined from exploring the letter in its entirety and inquiring how we as individuals and as an enterprise can manifest the true intention of this extraordinary message.

Tim Cook’s announcement was an act of service and contribution.  In sharing a personal truth, he illuminates a universal one – our greatest challenges often bear the greatest gifts.  For Tim, being gay has given him a deeper understanding of those in the minority, greater empathy, the confidence to be himself, to follow his own path, and to rise above adversity and bigotry.  And as a result –  a richer life.

His message reminds us all that not everyone has “the good fortune to work at a company that loves creativity and innovation and knows it can only flourish when you embrace people’s differences.” In doing what he feels is his part to help others, he inspires us to re-evaluate ours.

Like Apple, Cisco has a long held commitment to embracing people’s differences and welcoming a full spectrum of different backgrounds, experiences, cultures, affiliations, work styles, and points-of-view.

Read More »

Tags: , , ,

Cloudburst: iOS 8 Generates 50% Increase in Network Traffic

Many network engineers recall the iOS7 update on September 18, 2013 as one of the most historic download days of their network’s history. All the more reason for us in the wireless world who anxiously anticipated the September 17 release of iOS8.

We asked a few of our customers to monitor the effect of the software release on their networks and the results for the first two days are in. Those in the education and healthcare space in particular are filled with early adopters of WiFi technology and devices, and eager to get their hands on the latest updates.

Joe Rogers, Associate Network Director at the University of South Florida shared this picture with us from 1pm September 17th, showing 1 Gbps more traffic than he would normally see at this time of day:

usf

Another customer, Greg Sawyer, Manager of Infrastructure Services, shared this picture of the iOS8 effect on his network at the UNSW Australia.

unsw

He noted that his experience handling the release this year felt smoother than last year, despite the new peak internet download of 4.65 Gbps and 21Tb downloaded for the day! Not too surprising when considering that there were 27,000 concurrent connections on the wireless network and approximately 60% of those being Apple devices.

How should organizations be considering and handling these network spikes? I sat down with Cisco technical leaders Matt MacPherson and Chris Spain (@Spain_Chris) to get some insight on the effect of big updates like iOS8 on the wireless network. Here are some of the highlights of what we discussed:

The World We Live In

The truth is, more and more services are being moved to the cloud—a cloud that will push updates to millions & in the future billions of users and devices on our networks. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,