Top Vulnerable Operating Systems

Introduction

Information technology teams have developed four primary advancements to secure their systems: infection identification, firewalls, intrusion detection systems (IDS), and vulnerability assessment. On-request security audits and vulnerability management provide a proactive methodology, recognizing system and device vulnerabilities before systems are compromised. The most familiar destructive attacks began with Code Red, but Code Red II and SirCam are potentially more damaging. According to reports by Miliefsky and NetClarity Inc (2008), these attacks have infected millions of computer users, shut down web sites, slowed Internet service, and disrupted business and government operations. They have already caused billions of dollars of damage, and their full effects have yet to be completely assessed. This report focuses on Code Red II and on an approach to vulnerability assessment that includes manual testing that applies software-based products, self-service automated third-party solutions, and consultants' penetration testing.

Operating Systems Vulnerabilities

A vulnerability is effectively an error in the code or the logic of operation within the OS or the application software. According to Anton et al. (2003), since current OSs and applications are complex and include a great deal of functionality, it is hard for a vendor's development team to create software that contains no errors. Unfortunately, there is no shortage of virus writers and cybercriminals who are prepared to devote considerable effort to researching how they can profit by exploiting a vulnerability before the vendor fixes it with a software patch. According to data compiled by the National Vulnerability Database (NVD), a number of operating systems have been affected by vulnerabilities; the data were collected to identify the products that receive the most frequent security updates. The 2014 data examined by Chapree et al. (2014) identified the following operating systems as susceptible to vulnerabilities:

1. Apple Mac OS X - 147 vulnerabilities

2. Apple iOS - 127 vulnerabilities

3. Linux Kernel - 119 vulnerabilities

4. Microsoft Windows Server 2008 - 38 vulnerabilities

5. Microsoft Windows 7 - 36 vulnerabilities

Several other operating systems are also susceptible to vulnerabilities, but those listed above have recorded security issues over a number of years. The focus here is on the first two, Apple Mac OS X and Apple iOS, which recorded the highest number of vulnerabilities in 2014.

According to an Apple Inc. (2018) report, Apple Mac OS X and Apple iOS had an array index issue in the way Dock handles messages from apps, which allowed the sandbox to be broken. The issue is exploited when an attacker sends a maliciously crafted message that causes an invalid function pointer to be dereferenced, resulting in unexpected application termination or arbitrary code execution.

Vulnerability Test Rationale

Vulnerability Assessment and Mitigation (VAM) methodologies are applied in dealing with security vulnerabilities in OSs and applications, according to Srinivasamurthy and Liu (2010). This report focuses on Apple Mac OS X and Apple iOS, which, according to an Apple Inc. (2018) report, have relatively comprehensive security approaches capable of detecting and mitigating weaknesses and compromises. They include self-service automated third-party solutions in the form of patches delivered as updates, which have resolved a number of critical vulnerabilities with fixes for application sandbox escape, address space layout randomization circumvention, arbitrary code execution, privilege escalation and other severe vulnerabilities. These VAM methodologies are capable of addressing bugs that lived in the Intel Graphics Driver, IOGraphicsFamily and Graphics Driver. In addition, the security update covers further code execution bugs, such as the one in copyfile. The updates fix these issues in a similar way to the Intel graphics fix, which dealt with an OpenGL API issue that allowed code execution with system privileges.

Methodology

Dozens of vulnerabilities in the Apple Mac OS X and Apple iOS operating systems are fixed through updates that repair a number of glitches and bugs under the hood of the operating system, as Donohue (2014) reports. In most cases, the bulk of them involve software libraries such as LibreSSL, Libxml2 and OpenSSL. Hence, Apple updates every library to the most recent version in order to mitigate the vulnerabilities.

On the self-service automated third-party approach that relies on updates, Brook (2016) notes that Apple fixed an issue in the Safari login AutoFill feature that was capable of revealing a user's password on screen. Another bug, related to FaceTime on both Mac OS X and iOS, could have allowed an attacker in a privileged network position to cause a relayed call to continue transmitting audio while deluding the user into believing that the call had been cancelled. These inconsistencies in FaceTime's handling of relayed calls were mitigated by improved display logic.

Detailed Findings

According to Chapree et al. (2015) and the NewYorkGovSecurity Advisory (2014), Apple had several sources of vulnerability, as follows:

Mac OS X

Copyfile (CVE-2014-1370), affecting Apple OS X, arose from an out-of-bounds byte-swapping problem in the handling of AppleDouble files in zip archives. The issue was dealt with by improving bounds checking.
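The class of check described above, as an added example (not Apple's copyfile code): every descriptor in an AppleDouble header is validated against the buffer length before its fields are used. It assumes the published AppleDouble layout (26-byte header, 12-byte big-endian descriptors); `ad_parse` and `ad_demo` are hypothetical names and the sample file is constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define AD_MAGIC   0x00051607u /* AppleDouble magic number */
#define AD_VERSION 0x00020000u
#define AD_HDR_LEN 26u         /* magic(4) + version(4) + filler(16) + count(2) */
#define AD_ENT_LEN 12u         /* id(4) + offset(4) + length(4), all big-endian */

typedef struct { uint32_t id, offset, length; } ad_entry;

/* Decode big-endian fields into locals instead of swapping bytes in place. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}

/* Returns the number of descriptors copied to out[], or -1 if the file is malformed. */
int ad_parse(const uint8_t *buf, size_t len, ad_entry *out, size_t max_out) {
    if (len < AD_HDR_LEN || be32(buf) != AD_MAGIC || be32(buf + 4) != AD_VERSION) return -1;
    size_t n = ((size_t)buf[24] << 8) | buf[25];
    /* The whole descriptor table must fit in the buffer before any entry is read. */
    if (n > max_out || n > (len - AD_HDR_LEN) / AD_ENT_LEN) return -1;
    size_t table_end = AD_HDR_LEN + n * AD_ENT_LEN;
    for (size_t i = 0; i < n; i++) {
        const uint8_t *e = buf + AD_HDR_LEN + i * AD_ENT_LEN;
        ad_entry ent = { be32(e), be32(e + 4), be32(e + 8) };
        /* Entry data must start after the table and end inside the buffer;
           comparing against len - offset avoids overflow in offset + length. */
        if (ent.offset < table_end || ent.offset > len || ent.length > len - ent.offset)
            return -1;
        out[i] = ent;
    }
    return (int)n;
}

/* Constructed sample: a 64-byte file whose first descriptor makes the given claims. */
int ad_demo(uint16_t count, uint32_t offset, uint32_t length) {
    uint8_t f[64] = { 0x00, 0x05, 0x16, 0x07, 0x00, 0x02, 0x00, 0x00 };
    ad_entry out[4];
    f[24] = (uint8_t)(count >> 8); f[25] = (uint8_t)count;
    put32(f + 26, 9); put32(f + 30, offset); put32(f + 34, length); /* id 9: Finder info */
    return ad_parse(f, sizeof f, out, 4);
}

/* Exit status 0 when the well-formed sample parses and the oversized one is rejected. */
int main(void) { return (ad_demo(1, 38, 26) == 1 && ad_demo(1, 38, 27) == -1) ? 0 : 1; }
```
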

Graphics Driver (CVE-2014-1372) had an out-of-bounds read issue in the handling of a system call. The issue was mitigated by improving bounds checking. In the Intel Graphics Driver (CVE-2014-1373), the vulnerability arose from a kernel pointer that was stored in an IOKit object and could be read from userland. The issue was addressed by removing the pointer from the object.

IOAcceleratorFamily (CVE-2014-1377), affecting OS X Mavericks 10.9 and 10.9.3 as well as OS X Mountain Lion v10.8.5, had an array indexing issue in IOAcceleratorFamily. It was addressed by improving bounds checking.

For the iOS vulnerabilities, the NewYorkGovSecurity Advisory (2014) listed the following sources:

CoreGraphics (CVE-2014-1354), present in iPhone 4 as well as iPod touch (fifth generation), had an unbounded stack allocation problem in the handling of XBM files. The matter was dealt with by improving bounds checking. Kernel (CVE-2014-1355), affecting iPhone 4 and later, the fifth-generation iPod and iPad 2, resulted from a pointer dereference in the handling of IOKit API arguments, which was addressed through additional validation of IOKit API arguments. Safari (CVE-2014-1350), also affecting iPhone 4 and later, iPad 2 and the fifth-generation iPod touch, had an issue that originated from invalid URLs and affected the user's URLs. The issue was addressed by improved memory handling.

WebKit (CVE-2014-1346), affecting iPhone 4 and later, the fifth-generation iPod touch and iPad 2, had an encoding vulnerability that originated in the handling of Unicode characters in URLs. A maliciously crafted URL could have led to an incorrect postMessage origin being sent. It was dealt with through improved encoding and decoding.

Impact of Vulnerabilities

The NewYorkGovSecurity Advisory (2014) identified the following impacts in Mac OS X. For Copyfile (CVE-2014-1370), opening a crafted zip file could lead to unexpected application termination or arbitrary code execution. For Graphics Driver (CVE-2014-1372), a local user could read kernel memory, which can in turn be used to bypass kernel address space layout randomization. For Intel Graphics Driver (CVE-2014-1373), a specially crafted application is capable of executing arbitrary code with system privileges. For IOAcceleratorFamily (CVE-2014-1377), likewise, a specially crafted application is capable of executing arbitrary code with system privileges.

Similarly, for iOS, the NewYorkGovSecurity Advisory (2014) identified the following impacts:

For CoreGraphics (CVE-2014-1354), viewing a specially crafted XBM file could lead to unexpected application termination as well as arbitrary code execution. Kernel (CVE-2014-1355) could cause the device to restart unexpectedly without any action by the owner. Safari (CVE-2014-1349), a web browser application, was affected when a user visited a specially crafted website, leading to unexpected application termination or arbitrary code execution. WebKit (CVE-2014-1346) was affected when a specially crafted site sent a message to a connected frame or window in a manner that could circumvent the receiver's origin check.

Likelihood of the Vulnerabilities Being Exploited

Most of the vulnerabilities that Mac OS X and iOS have faced were triggered by input crafted by outside sources in order to penetrate the operating system. Vulnerabilities such as those in CopyFile, Intel Graphics Driver, IOAcceleratorFamily, CoreGraphics, the Safari app and WebKit were exposed through crafted programs similar to their coding and encoding. According to Brook (2016), in a Threatpost article, hackers were aware that Apple was providing its products to United States government institutions and therefore cloned their code to fit the Apple products developed in 2014. As a result, all data that passed through the Apple OS, specifically through Mac OS X and iOS products, were exploited for malicious use.

Overall Risk Assessment

Third-party applications accounted for 80% of the vulnerabilities indicated in Mac OS X and iOS. Only 13% of the vulnerabilities affected operating systems and 4% affected hardware devices, according to Chapree et al. (2014).

According to Shinder (2014), these have resulted from the manner in which iOS and Mac OS X handle TLS and SSL sessions, allowing attackers to intercept transmissions sent via social networking sites or web mail sites. Shinder (2014) emphasizes that the ability of a hacker to impersonate the web site and capture data, vital information and financial transactions has been brought under control. Agencies such as the National Security Agency of the USA have acquired a 'back door' to spy on citizens against their will.

Recommendations

In light of the vulnerabilities identified in iOS and Mac OS X, it is vital for programmers developing future products to follow these recommendations in order to avoid similar vulnerabilities:

After development, the software should be run entirely as a non-privileged user, that is, one that lacks administrative privileges, so that the effects of a successful attack are diminished.

Users should be reminded not to visit untrusted sites or follow links provided by unfamiliar or untrusted sources.

During the initial development, Apple is supposed to apply the correct patches to affected systems right after proper testing.

Users should be reminded not to open or download files from suspicious emails, unknown users or untrusted sites.

Users are supposed to be reminded not to leave their Apple iOS devices unattended.

References

Anton, P.S., Anderson, R.H., Mesic, R. and Scheiern, M., 2003. The vulnerability assessment & mitigation methodology. RAND National Defense Research Institute, Santa Monica, CA.

Miliefsky, G., NetClarity Inc, 2008. Proactive network security system to protect against hackers. U.S. Patent 7,346,922.

Srinivasamurthy, S. and Liu, D.Q., 2010, November. Survey on cloud computing security. In Proc. Conf. on Cloud Computing, CloudCom (Vol. 10).
