iGaming Business magazine iGB 111 July/Aug | Page 19

Tech & Innovation
n
o
i
t
a
m
r
o
f
n
I
y
t
i
r
u
sec ND-UP
ROU
Justin Bellinger analyses the latest threats to our infrastructure and
livelihoods and shares details of the fixes and patches available for them.
In wider news, he looks at some of the potential fallout from recent
high-profile data losses and checks in on the recent enforcement of
GDPR in Europe
Software
Microsoft released some 50 security updates in its
latest Patch Tuesday, 11 of which are classed as critical.
Cumulative Security Updates for Microsoft Browsers
and Microsoft Windows roll up all the critical
patches, while important patches are addressed in
Cumulative Security Updates for Microsoft Office,
Microsoft Hyper-V, Microsoft Windows Kernel and
Microsoft Device Guard Code.
Apple has released iOS 11.4 for iPhone, iPad and
iPod touch, an update that frees up storage space
on devices and fixes various bugs. Something of
particular note is that USB Restricted Mode,
a security feature that makes it much more difficult
to crack an iPhone or iPad through its lightning
port, appeared in beta but did not make it through
to the final release of 11.4. However, there are
reports that it will be released in a future version
of iOS. USB Restricted Mode shuts down comms
access for the lightning port if the correct password
(or face/touchID) has not been entered into the
phone for more than an hour. In theory, this will
make it much harder for thieves or other external
actors to gain access to the device through a brute
force attack. This is interesting as there are already
a number of ‘security’ devices on the market that are
capable of carrying out a brute force attack on
a locked iPhone.
Elsewhere, there’s an update to tvOS to 11.4, while
watchOS is now running 4.3.1, and the latest version
of macOS is 10.13.5.
Justin Bellinger is carrier, wholesale and business
development director at Sure International, based in Guernsey.
He has been integral in driving forward the company’s
global igaming strategy and his portfolio includes some of
the biggest brands in the sector.
Network and hardware
Intel is still looking for an end to its run of bad
luck after the Spectre Variant 2, BranchScope and
Meltdown flaws. Lazy FP state restore is a side
channel attack similar to Spectre and Meltdown
(although nowhere as severe as Meltdown was). The
exploit allows a process to infer the contents of CPU
registers belonging to other processes. Essentially,
to conserve time and power, the FPU register in a
CPU retains its state until another process requires
access to that FPU space when the operating system
is configured to use Lazy FP state restore. Expect a
software patch soon. Some Linux versions already
default to Eager FP state, so are immune from the
potential problem. Please look out for a patch or check
the susceptibility of your OS as soon as you can.
“In theory, USB Restricted Mode will
make it much harder for thieves or
other external actors to gain access to
the device through a brute force attack”
iGamingBusiness | Issue 111 | July/August 2018
17