Major operating systems vulnerability
Introduction
With advances in technology, manufacturers have been able to produce a great deal of software. Operating systems such as Windows, UNIX, and Macintosh are some of the well-known innovations across the globe. The popularity of this software varies from place to place. Given the complexity of the manufacturing process, it is difficult to create operating systems without errors. These errors pose security issues to users since they may expose the systems to attacks. There are several kinds of cyber-attack in this age of the internet. Billions of dollars have been lost to cyber incidents that lead to identity theft. Several factors can lead to such incidents, and the vulnerability of operating systems is one of them. Other factors may include carelessness of employees in taking measures to secure data, power surges, SQL injection, and hardware issues.
If an operating system has any vulnerabilities, hackers will take advantage of them and gain access to one's computer. Once an attacker gets access to the system, he or she can decide to interfere with personal data, for instance by introducing spyware to monitor the user's activities and collect vital credentials such as names, credit card information, trade secrets, and passwords. This exposes the victim to the danger of being attacked and having his or her reputation ruined. For instance, in the case of an organization, management can expose the privacy of its clients. This will damage the reputation of the firm because it failed to guarantee safety to its consumers. There is also a possible loss due to penalties from the legal authorities in case any harm happens to the clients, who might be subscribers. Thus, to avoid such things happening, it is essential for information technology (IT) experts to know the different types of vulnerabilities and the operating systems affected. Dealing with security issues requires one to find the sources that pose a threat.
Windows
Windows is software developed by Microsoft. It is the most used operating system in various parts of the world, with a larger market share than UNIX, Mac OS, and other operating systems. Most people love using it due to its simplicity, cost, and availability. As much as it is of help to consumers, there are certain vulnerabilities associated with it. To enhance security levels, it is essential to explore these vulnerabilities. Type 1 font parsing remote code execution is one of the vulnerabilities affecting this operating system. Parsing Adobe Type 1 fonts has the potential to allow hackers to execute code on a system, making it vulnerable to other forms of attack. Adobe Type Manager is provided by atmfd.dll, a kernel module that Windows ships to its consumers and that supports OpenType fonts. This library can allow a potential hacker to execute arbitrary code on the system. So far, the vulnerability has been identified as affecting all versions of Windows. An individual can execute arbitrary code that has kernel privileges. However, some versions of Windows, for instance Windows 10, execute this code with limited abilities. To eliminate the vulnerability, one is advised to update the OS regularly, rename ATMFD.DLL to limit the use of the code by Windows, and disable the WebClient service.
UNIX
This is a multi-user system where the same resources can be shared by different users. UNIX is known to be the most powerful and the most popular multitasking operating system. The advantage of using this kind of OS is that it is easy to port to other machines with minimal adaptation. UNIX has a built-in networking function so that different users can easily exchange information. One of the main vulnerabilities of UNIX is that it is not a very friendly operating system. Its interface is the command line, and even experienced users can make mistakes using it, and these mistakes can be disastrous. The other relevant vulnerability is BIND DNS. BIND is a package that implements DNS, the internet service that translates a name to an IP address. Apache Web Server is another vulnerability that provides attackers a way of gaining access to the system. Apart from that, Subversion is another vulnerability that can enable hackers to execute arbitrary code on the system. Last but not least, there is SNMP, another kind of vulnerability in UNIX, which attackers are able to use to configure the system to shut down.
Mac OS
Mac OS is a series of graphical operating systems by Apple. These operating systems, just like any other, also have some vulnerabilities. One of these is the Dock vulnerability. It is noted that the Dock in OS X versions before 10.10 tends to improperly manage the state of the screen lock. This kind of vulnerability enables attackers to gain access to unattended workstations. Apart from that, there is also the Mail vulnerability, which is common among OS X versions before 10.10. This vulnerability recognizes the removal of the address of the recipient from the message. Besides that, there is also the security-keychain vulnerability. This kind of vulnerability is common in the versions of OS X before 10.9.4, which properly implements keystroke observers (Nayak, Marino, Efstathopoulos, & Dumitraş, 2014). There is also the Launch Services vulnerability, which is common in OS X before 10.10.3 and allows local attackers to cause a denial of service through crafted localization data. Lastly, there is the App Store vulnerability, which is specific to this type of operating system and is common in OS X versions before 10.10.2; it could enable users to acquire sensitive information simply by reading the log files.
Internet Security models: IPv4/6 encapsulation header
IPv4 and IPv6 can be compared on address space, where IPv6 has the larger address space. It is noted that IPv6 is an improved version of IPv4 which provides better internetworking capabilities. IPv6 was developed because of the anticipated need for more end-system addresses as the internet grows. One of the common vulnerabilities evident in the IPv4/6 encapsulation header is the multiple-addresses vulnerability. It is noted that IPv6 assigns multiple addresses to an interface, which challenges the filtering rules in firewalls.
The other vulnerability is the multicast security vulnerability. Given this form of vulnerability, the attacker is able to send traffic to quite a number of multicast groups, which provide information that can then be used for further attacks. In this case, the attacker is able to gain all the information about the routers. Precisely, the attacker is able to gain information about the routers that are within the IPv6 network along with all the DHCPv6 hosts (Han, Gao, & Deng, 2009).
Besides that, the other notable vulnerability in both IPv4 and IPv6 is the extension header vulnerability. An attacker is able to perform header manipulation on the extension headers to create attacks. A person could create an IPv6 packet that meets the protocol specification and has an unlimited number of extension headers that are linked together.
When it comes to the security of the two protocols, that is IPv4 and IPv6, the only security measure that administrators rely on is IPsec. This security measure is accompanied by risks similar to those of man-in-the-middle attacks on the Internet Key Exchange (IKE), which are evident in both IPv4 and IPv6. The use of IKE is recommended especially when a pre-shared key is required. However, when using IPsec, there are various things to note. One of these is that this platform does not automatically secure everything. Apart from that, IPsec does not attempt to standardize the security mechanisms on the internet.
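A filtering device can defend against the long extension header chains described above by walking the chain itself and refusing packets that exceed a limit. The following Python sketch is an added example, not part of the original essay; the limit of 8 headers, the function names, and the sample packets are assumptions constructed for illustration.

```python
import struct

# Extension headers that begin with (Next Header, Hdr Ext Len in 8-octet units).
GENERIC_EXT = {0, 43, 60}      # hop-by-hop, routing, destination options
FRAGMENT, AH = 44, 51          # fragment is fixed at 8 bytes; AH counts 4-octet units
MAX_EXT_HEADERS = 8            # assumed local policy limit, not a protocol constant


def walk_extension_chain(packet: bytes):
    """Return (chain, upper_layer_protocol, findings) for a raw IPv6 packet."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, offset, chain, findings = packet[6], 40, [], []
    while nxt in GENERIC_EXT or nxt in (FRAGMENT, AH):
        if offset + 8 > len(packet):
            findings.append("truncated extension header")
            break
        following, length_field = packet[offset], packet[offset + 1]
        if nxt == FRAGMENT:
            size = 8
        elif nxt == AH:
            size = (length_field + 2) * 4
        else:
            size = (length_field + 1) * 8
        if offset + size > len(packet):
            findings.append("header length runs past end of packet")
            break
        if nxt == 0 and chain:
            findings.append("hop-by-hop header is not first")
        chain.append(nxt)
        offset, nxt = offset + size, following
        if len(chain) > MAX_EXT_HEADERS:
            findings.append("chain exceeds policy limit")
            break
    return chain, nxt, findings


def build_packet(ext_types, upper=59):
    """Constructed sample: fixed header plus minimal 8-byte extension headers."""
    order = list(ext_types) + [upper]
    body = b"".join(bytes([order[i + 1], 0]) + bytes(6) for i in range(len(ext_types)))
    fixed = struct.pack("!IHBB", 6 << 28, len(body), order[0], 64) + bytes(32)
    return fixed + body


if __name__ == "__main__":
    for label, types in [("normal", [0, 60, 44]), ("flood", [60] * 20), ("misordered", [60, 0])]:
        print(label, walk_extension_chain(build_packet(types, upper=6)))
```

A packet with any finding would be dropped or logged by the filter; a well-formed chain returns an empty findings list together with the upper-layer protocol number the firewall rule should then be matched against.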
References
Han, J., Gao, D., & Deng, R. H. (2009, July). On the effectiveness of software diversity: A systematic study on real-world vulnerabilities. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 127-146). Springer, Berlin, Heidelberg.
Nayak, K., Marino, D., Efstathopoulos, P., & Dumitraş, T. (2014, September). Some vulnerabilities are different than others. In International Workshop on Recent Advances in Intrusion Detection (pp. 426-446). Springer, Cham.