{"id":70255,"date":"2017-03-08T10:57:02","date_gmt":"2017-03-08T18:57:02","guid":{"rendered":"https:\/\/securingtomorrow.mcafee.com\/?p=70255"},"modified":"2025-05-27T20:26:51","modified_gmt":"2025-05-28T03:26:51","slug":"analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/","title":{"rendered":"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL"},"content":{"rendered":"

OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update that fixed multiple vulnerabilities. One of them is CVE-2017-3731, which can cause a denial of service due to a crash. McAfee Labs analyzed this vulnerability to provide detection for customers.\u00a0<\/strong><\/p>\n

Figuring out the changes using patch diff<\/strong><\/h2>\n

The patch modified a couple of files related to various cipher algorithms. For this report we will examine e_chacha20_poly1305.c. The following code shows the patch to this file, taken from https:\/\/git.openssl.org\/?p=openssl.git;a=commitdiff;h=2198b3a55de681e1f3c23edb0586afe13f438051<\/a>.<\/p>\n

\"\"<\/p>\n

We can see that a simple step was added to check the value of variable length against the constant POLY1305_BLOCK_SIZE and just below that we see that this constant is subtracted from the variable \u201clen.\u201d<\/p>\n

If we look at the declaration, POLY1305_BLOCK_SIZE is declared in the file poly1305.h as\u00a0\u201c#define POLY1305_BLOCK_SIZE 16.\u201d The variable len is defined in e_chacha20_poly1305.c as\u00a0\u201cunsigned int len;\u201d<\/p>\n

So if the variable len is less than 16, it will cause an integer underflow, that is, the value of len will become very large. When used, this value can cause problems with the normal program flow because the value of len will be incorrect.<\/p>\n

Digging further<\/strong><\/h2>\n

We can see in the preceding image that this len value is assigned to \u201cactx->tls_payload_length.\u201d Then the function chacha20_poly1305_cipher is called. Inside this function actx->tls_payload_length is assigned to the variable \u201cplen\u201d:<\/p>\n

\"\"<\/p>\n

Notice that variable plen will now have the very large value that we got from the previous len integer underflow. We can further see that the value of plen is passed to the function poly1305_Update:<\/p>\n

\"\"<\/p>\n

Poly1305_Update will carry this large value as it calls the function Poly1305_blocks:<\/p>\n

\"\"<\/p>\n

If we take a closer look at the function, we can see that the variable len contains a very large integer value, which is used as the counter in a \u201cwhile\u201d loop:<\/p>\n

\"\"<\/p>\n

We can also see a call to the function U8TOU32, which reads the value of *inp (a pointer), and that the value of *inp is increased by POLY1305_BLOCK_SIZE for each iteration of the loop. Because the value of len is very large, eventually *inp will point to nonreadable memory. Attempting to read that will cause an access violation error\u2014resulting in an OpenSSL crash.<\/p>\n

Exploiting the vulnerability from the network<\/strong><\/p>\n

To exploit this vulnerability, a client needs to use the chacha20_poly1305 cipher suite (or another vulnerable cipher, as can be seen from patch diff) and send an encrypted handshake message in which the record length is less than 16 bytes (in the case of chacha20_poly1305 cipher). This will cause an integer underflow and OpenSSL will crash, as we see in the following images running OpenSSL and Gnu Debugger:<\/p>\n

\"\"<\/p>\n

Conclusion<\/strong><\/h2>\n

OpenSSL is very popular and thus can be a target for denial of service attacks. These types of vulnerabilities can impact many installations. We recommend that users update their OpenSSL installations to the latest version.<\/p>\n

McAfee Network Security Platform customers are protected against this vulnerability through signature ID: 0x45c09400.<\/p>\n","protected":false},"excerpt":{"rendered":"

OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In…<\/p>\n","protected":false},"author":612,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[1814,18,4827],"coauthors":[2095],"class_list":["post-70255","post","type-post","status-publish","format-standard","hentry","category-mcafee-labs","tag-computer-security","tag-network-security","tag-vulnerability"],"acf":[],"yoast_head":"\nAnalyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL | McAfee Blog<\/title>\n<meta name=\"description\" content=\"OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-03-08T18:57:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-28T03:26:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1034\" \/>\n\t<meta property=\"og:image:height\" content=\"382\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Hardik Shah\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@hardik05\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hardik Shah\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/\"},\"author\":{\"name\":\"Hardik Shah\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/99cb905e9b4051dfea96a7752dea4342\"},\"headline\":\"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL\",\"datePublished\":\"2017-03-08T18:57:02+00:00\",\"dateModified\":\"2025-05-28T03:26:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/\"},\"wordCount\":561,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png\",\"keywords\":[\"computer security\",\"network security\",\"vulnerability\"],\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/\",\"name\":\"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png\",\"datePublished\":\"2017-03-08T18:57:02+00:00\",\"dateModified\":\"2025-05-28T03:26:51+00:00\",\"description\":\"OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage\",\"url\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png\",\"contentUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/99cb905e9b4051dfea96a7752dea4342\",\"name\":\"Hardik Shah\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/b151596c8b1a8dc9b25ec3b19ccfd8c0\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2b87a13b8b83a589e5494d7db597ad6a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2b87a13b8b83a589e5494d7db597ad6a?s=96&d=mm&r=g\",\"caption\":\"Hardik Shah\"},\"description\":\"Hardik Shah, a Senior Research Engineer in McAfee Labs, is an experienced security researcher and technology evangelist. He has extensive experience with exploits, malware analysis, and various IPS engines. Shah enjoys figuring out ways to protect customers from the latest threats. Prior to McAfee, he worked with the IPS research team at Symantec. You can follow him on twitter at @hardik05\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/hardik05\/\",\"https:\/\/x.com\/hardik05\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/hardik-shah\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL | McAfee Blog","description":"OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL | McAfee Blog","og_description":"OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2017-03-08T18:57:02+00:00","article_modified_time":"2025-05-28T03:26:51+00:00","og_image":[{"width":1034,"height":382,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png","type":"image\/png"}],"author":"Hardik Shah","twitter_card":"summary_large_image","twitter_creator":"@hardik05","twitter_site":"@McAfee","twitter_misc":{"Written by":"Hardik Shah","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/"},"author":{"name":"Hardik Shah","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/99cb905e9b4051dfea96a7752dea4342"},"headline":"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL","datePublished":"2017-03-08T18:57:02+00:00","dateModified":"2025-05-28T03:26:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/"},"wordCount":561,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage"},"thumbnailUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png","keywords":["computer security","network security","vulnerability"],"articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/","name":"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage"},"thumbnailUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png","datePublished":"2017-03-08T18:57:02+00:00","dateModified":"2025-05-28T03:26:51+00:00","description":"OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#primaryimage","url":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png","contentUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/03\/2017-03-08-OpenSSL-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-cve-2017-3731-truncated-packets-can-cause-denial-service-openssl\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/99cb905e9b4051dfea96a7752dea4342","name":"Hardik Shah","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/b151596c8b1a8dc9b25ec3b19ccfd8c0","url":"https:\/\/secure.gravatar.com\/avatar\/2b87a13b8b83a589e5494d7db597ad6a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2b87a13b8b83a589e5494d7db597ad6a?s=96&d=mm&r=g","caption":"Hardik Shah"},"description":"Hardik Shah, a Senior Research Engineer in McAfee Labs, is an experienced security researcher and technology evangelist. He has extensive experience with exploits, malware analysis, and various IPS engines. Shah enjoys figuring out ways to protect customers from the latest threats. Prior to McAfee, he worked with the IPS research team at Symantec. You can follow him on twitter at @hardik05","sameAs":["https:\/\/www.linkedin.com\/in\/hardik05\/","https:\/\/x.com\/hardik05"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/hardik-shah\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/70255","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/612"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=70255"}],"version-history":[{"count":2,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/70255\/revisions"}],"predecessor-version":[{"id":214502,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/70255\/revisions\/214502"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=70255"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=70255"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=70255"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=70255"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}