JASBUG

JASBUG
CVE identifier(s)CVE-2015-0008
Date discoveredJanuary 2014; 11 years ago (2014-01)
DiscovererJeff Schmidt (JAS Global Advisors)
Affected softwareMicrosoft Windows workstations and servers on an Active Directory domain (from Windows Server 2003 to Windows 8.1)

JASBUG is a security bug disclosed in February 2015 and affecting core components of the Microsoft Windows Operating System. The vulnerability dated back to 2000[1] and affected all supported editions of Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.[2]

The vulnerability allows hackers to remotely take control of Windows devices that connect to an Active Directory domain.[3]

JASBUG is registered in the Common Vulnerabilities and Exposures system as CVE-2015-0008.[4][5] The Industrial Control Systems Cyber Emergency Response Team, part of the Department of Homeland Security, issued ICS-ALERT-15-041-01,[6] warning control systems owners that they should expedite applying critical JASBUG fixes.

Microsoft released two patches, MS15-011 and MS15-014,[7] to address JASBUG on the same day the vulnerability was disclosed. These fixes took Microsoft over a year to develop and deploy[8] due to the complexity of the JASBUG vulnerability.

At the time of disclosure, more than 300 million computers were believed to be vulnerable to the exploit.[9]

History

JASBUG was disclosed to the public by Microsoft as a part of "Patch Tuesday," on February 10, 2015.[10]

Background

The vulnerability was initially reported to Microsoft in January 2014[11] by Jeff Schmidt, founder of JAS Global Advisors.[12] After Microsoft publicly announced the security vulnerability, it garnered the name JASBUG in reference to the role JAS Global Advisors played in discovering the exploit.[13]

Discovery

In 2014, JAS Global Advisors was working on an engagement with the Internet Corporation for Assigned Names and Numbers (ICANN), the organization governing the standards of the Internet, to research potential technical issues surrounding the rollout of new Generic Top Level Domains (gTLDs) on the Internet.[14]

While working on the research, JAS Global Advisors, with business partner SimMachines,[15] uncovered the vulnerability by applying "big data" analytical techniques to very large technical data sets.

Effect

JASBUG principally affects business and government users. Home users are less likely to be affected by JASBUG because they do not use domain-configured computers.[16]

White House cybersecurity advisor Michael Daniel spoke about the importance of addressing JASBUG in a meeting of the Information Security and Privacy Advisory Board of the National Institute for Standards and Technology, and the Office of Management and Budget and the Department of Homeland Security immediately took steps to fix the vulnerability on federal networks.[17]

Suzanne E. Spaulding, serving as Under Secretary for the National Protection and Programs Directorate (NPPD) at the Department of Homeland Security, mentioned JASBUG in a February 2015 House of Representatives hearing that touched on the potential effect of a DHS funding hiatus.[18]

In the aftermath of JASBUG, various government agencies have updated their technical specifications to mitigate exploit risks. For example, the United States Department of Veteran Affairs decided in May 2015 to "unapprove" the use of Windows Server 2003 based on JASBUG risks.[19]

Exploitation

According to Microsoft, the exploit takes advantage of how Group Policy receives and applies policy data when a domain-joined system connects to a domain controller.[20] One likely exploitation of the flaw involves deceiving a user with a domain-configured system into a network controlled by a hacker.[21]

Despite the potential effect, there is no indication that the JASBUG vulnerability was ever used by cyberhackers to access corporate or government computers.[22]

Specific systems affected

JASBUG affects Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT 8.1.[23] Windows Server 2003 is also affected, but there will not be a JASBUG patch this platform, as Microsoft has indicated that it is not feasible to build a fix for this version.[24] JASBUG also affects Windows XP and Windows 2000, but no patch will be made available for these operating systems as they are no longer supported by Microsoft.[25]

Bugfix and deployment

Unlike other high-profile vulnerabilities like Heartbleed, Shellshock, Gotofail and POODLE, JASBUG was a design problem, not an implementation problem, making this type of vulnerability unusual and much more difficult to fix.[26] The fix required Microsoft to re-engineer core components of the operating system[27] and to add several new features, including additional hardening of Group Policy, the feature that organizations use to centrally manage Windows systems, applications, and user settings in Active Directory environments.[28]

Microsoft was not able to fix the JASBUG flaw on Windows Server 2003 systems, noting that "The architecture to properly support the fix provided in the update does not exist on Windows Server 2003 systems, making it infeasible to build the fix for Windows Server 2003."[29]

For unpatched and unpatchable platforms that may be vulnerable to JASBUG, security firms like Symantec recommend that organizations use intrusion prevention systems (IPS) to monitor network activity for possible malicious JASBUG traffic.[30]

References

  1. ^ Pagliery, Jose (2015-02-15). "Microsoft fixes a serious 15-year-old bug". CNN Money. Retrieved 2015-02-15. If any hackers knew about this since the year 2000, they could have used it to sneak into company computer systems and take complete control.
  2. ^ Walker, Danielle (2015-02-10). "On Patch Tuesday, Microsoft unveils fix for critical Windows flaw 'JASBUG'". SC Magazine. Retrieved 2015-03-10. In a security bulletin, MS15-011, the tech giant revealed that the critical vulnerability affects all supported editions of Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.
  3. ^ Williams, Owen (2015-02-10). "Microsoft Patches Massive Flaw In Active Directory". The Next Web. Retrieved 2015-03-10. Today, Microsoft has issued a critical patch to every supported version of Windows that resolves a bug that may have been open for as long as fifteen years could allow attackers to remotely take control of Windows devices that connect to an Active Directory domain.
  4. ^ "CVE - CVE-2015-0008". Cve.mitre.org. 2015-02-10. Archived from the original on 2015-09-23. Retrieved 2015-03-10.
  5. ^ Thomson, Iain (2015-02-10). "PATCH NOW: Design flaw in Windows security allows hackers to own corporate laptops, PCs". The Register. Retrieved 2015-03-10. The bug (CVE-2015-0008) was discovered over a year ago when global DNS overlord ICANN hired JAS to check out the security of its systems for creating new generic top-level domains. {{cite news}}: External link in |quote= (help)
  6. ^ "Alert (ICS-ALERT-15-041-01) Microsoft Security Bulletin MS15-011 JASBUG". US-CERT. 2015-02-10. Retrieved 2015-03-10. Control systems that are members of a corporate Active Directory may be at risk. ICS-CERT is monitoring this vulnerability and will provide additional information related to control systems as it becomes available.
  7. ^ "MS15-011 & MS15-014: Hardening Group Policy". Microsoft. 2015-02-10. Retrieved 2015-03-10.
  8. ^ Saarinen, Juha (2015-02-10). "Microsoft patches critical JASBUG Windows flaw". ITNews Australia. Retrieved 2015-03-10. In order to remedy the flaw, Microsoft was forced to re-engineer core components of Windows, to add several new features. This meant extensive testing to ensure backwards compatibility, supported configurations, and new documentation to describe the changes was required, a process that took Microsoft over a year.
  9. ^ Gaebler, Ken (2015-02-10). "New JASBUG Vulnerability Escalates The Importance Of Applying Today's Microsoft Patches". Gaebler Resources for Entrepreneurs. Retrieved 2015-03-10. Outside of the Fortune 500, we estimate that another 300 million computers could be affected by the JASBUG security threat.
  10. ^ Hamilton, David (2015-02-10). "Microsoft Issues Security Updates Addressing'JASBUG' Vulnerability in Windows". Web Host Industry Review. Retrieved 2015-03-10. Microsoft released technical patches [for JASBUG] as a part of its "Patch Tuesday" release on 10 February 2015.
  11. ^ Fox-Brewster, Thomas (2015-02-10). "Why Microsoft Took A Year To Fix Critical Windows Bug That Allowed Hackers To Spy On Worker PCs". Forbes. Retrieved 2015-03-10. ...the Redmond tech titan learned about the problem back in January 2014.
  12. ^ Chickowski, Ericka (2015-02-11). "Microsoft Fix For Critical Active Directory Bug A Year In The Making". Dark Reading. Retrieved 2015-03-10. Discovered by Jeff Schmidt, founder of JAS Global Advisors, the flaw required Microsoft to fix to fix how domain-configured systems connect to domain controllers.
  13. ^ "Jasbug: Microsoft plugs 15 year old Vulnerability". Der Spiegel. 2015-02-11. Retrieved 2015-03-10. Das Sicherheitsleck wurde nach einer der Firmen benannt, die es Microsoft gemeldet haben. Weil das Unternehmen JAS Global Advisors heißt, heißt die Lücke Jasbug.
  14. ^ Zaharov-Reutt, Alex (2015-02-10). "Critical "JASBUG" vulnerability in Windows clients and servers patched". IT Wire. Retrieved 2015-03-10.
  15. ^ Prince, Brian (2015-02-10). "Microsoft Patches Critical Windows, Internet Explorer Vulnerabilities in Patch Tuesday Update". Security Week. Retrieved 2015-03-10.
  16. ^ Kumar, Mohit (2015-02-10). "15-Year-Old JasBug Vulnerability Affects All Versions of Microsoft Windows". Hacker News, The. Retrieved 2015-03-10. Jasbug vulnerability do [sic] not affects home users because they are not usually domain-configured
  17. ^ Mazmanian, Adam (2015-02-11). "Feds respond to critical Windows flaw". Federal Computer Week. Archived from the original on 2015-02-13. Retrieved 2015-03-10.
  18. ^ "Examining The President's Cybersecurity Information-Sharing Proposal". United States House of Representatives Hearing. 2015-02-25. Retrieved 2015-03-10. That has an impact on our ability to quickly address--identify and address vulnerabilities like the JASBUG vulnerability that has been most recently in the media.
  19. ^ "Windows Server". US Department of Veteran Affairs Website. 2015-05-31. Retrieved 2015-03-10. Due to the critical nature of JASBUG, Windows Server 2003 is TRM unapproved and should only be used when the security risks are outweighed by the benefits as reviewed and approved by the AERB waiver process.
  20. ^ "Microsoft Security Bulletin MS15-011 - Critical". Microsoft TechNet. 2015-02-10. Retrieved 2015-03-10.
  21. ^ Illascu, Inotu (2015-02-11). "Microsoft Patches Critical Remote Code Execution Glitch in Group Policy". Softpedia. Retrieved 2015-03-10.
  22. ^ "Microsoft fixes critical remotely exploitable Windows root-level design bug". Help Net Security. 2015-02-10. Retrieved 2015-03-10. ...there is no indication that it had been publicly used to attack customers.
  23. ^ "New Windows JASBUG vulnerability requires immediate attention from systems administrators". Symantec. 2015-02-11. Retrieved 2015-03-10.
  24. ^ Goodin, Dan (2015-02-10). "15-year-old bug allows malicious code execution in all versions of Windows". Ars Technica. Retrieved 2015-03-10. Patch now, unless you run 2003, in which case you're out of luck.
  25. ^ Duval, Loic (2015-02-12). "JASBUG, le bug âgé de 14 ans qui fait peur aux entreprises". Tom's Hardware. Retrieved 2015-03-10. Les versions Windows 2000 et XP n'étant plus supportées par Microsoft, il n'existe pas de correctifs.
  26. ^ Wilhelm Aldershoff, Jan (2015-02-10). "BREAKING: Microsoft fixes very critical vulnerability called JASBUG; bigger than Heartbleed and Shellshock". MyCE. Retrieved 2015-03-10.
  27. ^ Freed, Anthony M. (2015-02-10). "Microsoft Updates Core Windows Components to Patch Critical JASBUG Vulnerability". Dark Matters. Retrieved 2015-03-10. In a rare move, Microsoft had to re-engineer some core components of the Windows operating system in order to mitigate a critical design vulnerability that could allow attackers to gain administrator-level privileges on tens-of-millions of devices.[permanent dead link]
  28. ^ Constantin, Lucian (2015-02-11). "Critical vulnerability in Group Policy puts Windows computers at risk". CSO Magazine. Retrieved 2015-03-10.
  29. ^ Bott, Ed (2015-02-10). "Microsoft's Patch Tuesday release leaves one big vulnerability unpatched". ZDNet. Retrieved 2015-03-10.
  30. ^ "JASBUG: What is it? How Are You Protecting Your Legacy Windows Systems?". Symantec. 2015-02-17. Retrieved 2015-03-10.

Read other articles:

Anak babi

Anak babi Anak babi merujuk pada anak babi yang masih dalam masa menyusui dan diberi makan dengan susu ibunya. Dalam aspek kuliner, babi muda umumnya dikonsumsi ketika usianya berkisar antara dua hingga enam minggu. Biasanya, babi muda disajikan dalam bentuk utuh dan seringkali diolah dengan cara dipanggang dalam beragam hidangan istimewa dan perhelatan tertentu. Daging dari babi muda memiliki ciri khas berwarna pucat dan memiliki tekstur yang lembut. Kulit babi muda yang dimasak secara khusu...

 

 

LGBT rights in Oklahoma

LGBT rights in OklahomaOklahoma (USA)StatusLegal statewide since 2003(Lawrence v. Texas)Gender identityTransgender people no longer allowed to change legal gender since 2021RestrictionsNon-binary birth certificates not allowedDiscrimination protectionsProtections in employment; further protections in NormanFamily rightsRecognition of relationshipsSame-sex marriage since 2014AdoptionSame-sex couples allowed to adopt Lesbian, gay, bisexual, and transgender (LGBT) persons in the U.S. state of O...

 

 

Amsterdam Airport Schiphol

Major airport in the Netherlands Schiphol redirects here. For the railway station, see Schiphol Airport railway station. Amsterdam Airport SchipholKoninklijke Luchthaven SchipholIATA: AMSICAO: EHAMWMO: 06240SummaryAirport typePublicOwner/OperatorRoyal Schiphol GroupServesGreater AmsterdamLocationHaarlemmermeer, NetherlandsOpened16 September 1916; 107 years ago (1916-09-16)Hub forKLMKLM CargoKLM CityhopperMartinairOperating base forCorendon Dutch AirlineseasyJet[1]Tra...

Stuart Bunce

This biography of a living person needs additional citations for verification. Please help by adding reliable sources. Contentious material about living persons that is unsourced or poorly sourced must be removed immediately from the article and its talk page, especially if potentially libelous.Find sources: Stuart Bunce – news · newspapers · books · scholar · JSTOR (March 2023) (Learn how and when to remove this message) Stuart BunceBorn (1971-10-21) ...

 

 

Ulisse Giuseppe Gozzadini

Questa voce o sezione sull'argomento vescovi italiani non cita le fonti necessarie o quelle presenti sono insufficienti. Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Questa voce o sezione sull'argomento vescovi non è ancora formattata secondo gli standard. Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Ulisse Giuseppe Gozzadinicardinale di Santa...

 

 

Riolobos

Questa voce o sezione sull'argomento centri abitati della Spagna non cita le fonti necessarie o quelle presenti sono insufficienti. Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Rioloboscomune Riolobos – Veduta LocalizzazioneStato Spagna Comunità autonoma Estremadura Provincia Cáceres TerritorioCoordinate39°55′00.12″N 6°18′00″W / ...

Sandra Savino

Questa voce sull'argomento politici italiani è solo un abbozzo. Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Segui i suggerimenti del progetto di riferimento. Sandra Savino Sottosegretaria di Stato al Ministero dell'economia e delle finanzeIn caricaInizio mandato2 novembre 2022 ContitolareFederico FreniLucia Albano Capo del governoGiorgia Meloni PredecessoreMaria Cecilia GuerraAlessandra Sartore Deputata della Repubblica ItalianaDurata mandato15 marzo 2013&...

 

 

Triumph slant-four engine

Inline four-cylinder petrol car engine Reciprocating internal combustion engine Triumph Slant-four engineOverviewManufacturerTriumph Motor CompanyProduction1968 - 1981LayoutConfigurationI4Displacement1,709 cc (104.3 cu in)1,854 cc (113.1 cu in)1,985 cc (121.1 cu in)1,998 cc (121.9 cu in)Cylinder block materialCast ironCylinder head materialAluminiumValvetrainSOHCCombustionFuel systemCarburettorsFuel typePetrolOil systemWet sumpCoolin...

 

 

Eileen Bennett Whittingstall

Artikel ini perlu dikembangkan dari artikel terkait di Wikipedia bahasa Inggris. (13 Desember 2022) klik [tampil] untuk melihat petunjuk sebelum menerjemahkan. Lihat versi terjemahan mesin dari artikel bahasa Inggris. Terjemahan mesin Google adalah titik awal yang berguna untuk terjemahan, tapi penerjemah harus merevisi kesalahan yang diperlukan dan meyakinkan bahwa hasil terjemahan tersebut akurat, bukan hanya salin-tempel teks hasil terjemahan mesin ke dalam Wikipedia bahasa Indonesia....

Karen Bradley

British Conservative politician (born 1970) The subject of this article is standing for re-election to the House of Commons of the United Kingdom on 4 July, and has not been an incumbent MP since Parliament was dissolved on 30 May. Some parts of this article may be out of date during this period. Please feel free to improve this article (but note that updates without valid and reliable references will be removed) or discuss changes on the talk page. The Right HonourableDame Karen Br...

 

 

Om Prakash Mehra

Indian Air Force officer Air Chief MarshalO P MehraPVSMAir Chief Marshal Om Prakash Mehra8th Chief of Air StaffIn office16 January 1973 – 31 January 1976PresidentV. V. Giri[1]Prime MinisterIndira Gandhi[2]Preceded byPratap Chandra LalSucceeded byHrushikesh Moolgavkar11th Governor of MaharashtraIn office3 November 1980 – 5 March 1982Chief Minister A. R. Antulay Babasaheb Bhosale Preceded bySri Sadiq AliSucceeded byAir Chief Marshal I H Latif6th Governor of...

 

 

Public water system

Organization providing drinking water for public use Water towers are used to store water at a height sufficient to pressurize a water supply distribution system Public water system is a regulatory term used in the United States and Canada, referring to specific utilities and organizations providing drinking water. United States The US Safe Drinking Water Act and derivative legislation define a public water system as an entity that provides water for human consumption through pipes or other c...

Cochliobolus lunatus

Fungal plant pathogen Cochliobolus lunatus Scientific classification Domain: Eukaryota Kingdom: Fungi Division: Ascomycota Class: Dothideomycetes Order: Pleosporales Family: Pleosporaceae Genus: Cochliobolus Species: C. lunatus Binomial name Cochliobolus lunatusR.R. Nelson & Haasis, (1964) Synonyms Acrothecium lunatum Wakker, in Wakk. & Went., (1898) Curvularia lunata (Wakker) Boedijn, (1933) Curvularia lunata var. lunata (Wakker) Boedijn, (1933) Pseudocochliobolus lunatus (R.R. ...

 

 

حي المحدود

25°21′22″N 49°37′25″E / 25.356002°N 49.6236547°E / 25.356002; 49.6236547 حي المحدود حي الملك فهد الإحداثيات 25°21′22″N 49°37′25″E / 25.356002°N 49.6236547°E / 25.356002; 49.6236547 تقسيم إداري  قائمة الدول  السعودية  منطقة المنطقة الشرقية  محافظة الأحساء  حي الملك فهد حي المحدود خصائص �...

 

 

DoraDora

DoraDoraDoraDora album cover.Album mini karya U-KISSDirilis25 April 2012 (2012-04-25) (see release history)Direkam2011-2012GenrePop, electropopLabelNH Media, KT Music, LOEN Entertainment, Sony Music (South Korea)Kronologi U-KISS Bran New Kiss(2011)Bran New Kiss2011 DoraDora(2012) The Special to Kissme(2012)The Special to Kissme2012 Singel dalam album DoraDora DoraDoraDirilis: 25 April 2012 (2012-04-25) DoraDora adalah album mini oleh boyband Korea Selatan, U-KISS. Ini adalah EP ...

القناطر الخيرية

30°11′36″N 31°08′13″E / 30.193333333333°N 31.136944444444°E / 30.193333333333; 31.136944444444 القناطر الخيرية القناطر الخيريةعلم تقسيم إداري البلد  مصر[1] عاصمة لـ مركز القناطر الخيرية  المحافظة محافظة القليوبية المركز مركز القناطر الخيرية المسؤولون المحافظ عبد الحميد الهجان[2] خ�...

 

 

Chevrolet Silverado EV

Battery electric pickup truck Motor vehicle Chevrolet Silverado EV2024 Chevrolet Silverado EV RST First EditionOverviewManufacturerGeneral MotorsAlso calledGMC Sierra EVProductionMay 2023[1]–presentModel years2024–presentAssemblyUnited States: Detroit, Michigan (Detroit/Hamtramck Assembly) Orion Township, Michigan (Orion Assembly) (starting late 2025)DesignerRaphael Molina, Jacky Zhan[2]Body and chassisClassFull-size pickup truckBody style4-door pickup truck...

 

 

Pocumtuck Range

Mountain range in Massachusetts, US For the mountain in Charlemont, Massachusetts, see Pocumtuck Mountain. Pocumtuck RangeMetacomet RidgePoet's Seat Tower on Rocky Mountain, northern Pocumtuck Range. 1915 postcard.Highest pointPeakPocumtuck RockElevation846 ft (258 m)Coordinates42°32′00″N 72°35′30″W / 42.53333°N 72.59167°W / 42.53333; -72.59167DimensionsLength11 mi (18 km) east-westGeographyCountryUnited StatesStateMassachusetts...

Limoges Métropole

Limoges Métropole Administration Pays France Région Nouvelle-Aquitaine Département Haute-Vienne Forme Communauté urbaine Siège Limoges Communes 20 Président Guillaume Guérin[1] (LR) Budget 272 000 000 € (2019) Date de création 1er janvier 2002 (CC) 1er janvier 2003 (CA) 1er janvier 2019 (CU) Code SIREN 248719312 Démographie Population 206 616 hab. (2021) Densité 397 hab./km2 Géographie Superficie 520,60 km2 Localisation Localisation en Haute-Vi...

 

 

Raúl Torrente

Spanish footballer This article's lead section may be too short to adequately summarize the key points. Please consider expanding the lead to provide an accessible overview of all important aspects of the article. (May 2024) In this Spanish name, the first or paternal surname is Torrente and the second or maternal family name is Navarro. Raúl TorrentePersonal informationFull name Raúl Torrente NavarroDate of birth (2001-09-11) 11 September 2001 (age 22)Place of birth San Javier...