Hello and welcome to the Friday, June 23rd, 2003 edition of the Sands and at Storm Center's

Stormcast. My name is Johannes Ulrich, and today I'm recording from Stockholm, Germany.

I told you this week, I'll be in actually next week, too, I'll be a little bit off with respect to the recordings here because of the

time zone difference. So yesterday, just as I finished recording, I did learn that, well,

Apple released updates for all of its operating systems, fixing three vulnerabilities that are

already actively being exploited.

Kasperski reported these vulnerabilities to Apple, which indicates that these

vulnerabilities are likely related to a compromise of devices at Kasperski, which

they reported about a week or so ago.

I think they called it Operation Triangle.

Two of the vulnerabilities are affecting WebKit.

WebKit, of course, is the engine behind Apple's browsers,

so Safari and pretty much anything else that parses HTML and such in Safari, visiting

malicious website can execute arbitrary code.

This will typically only give you code execution privileges within the web browser's sandbox.

And this is where the third vulnerability comes in.

That third vulnerability does actually allow approach escalation and does allow

executing arbitrary code with kernel privileges.

So these vulnerabilities have to be chained together to lead to a complete system

compromise the way Kraski described to Malver that they observed. Now, in the reporting by Kraski,

I've seen they only noted older operating systems being affected, but these vulnerabilities are

being patched in all current operating systems up to iOS 16.5. Now we have 16.5.1 as well as a macOS Ventura or 13.4, which now is up to 13.4.1.

...