Hello and welcome to the Friday, September 22nd, 2023 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

This almost appears like a weekly event now, but we got more patches from Apple fixing three different vulnerabilities that are already

exploited in the wild. The three vulnerabilities actually sort of nicely chain one after

another. We do have sort of for initial access vulnerability in a web kit that allows arbitrary code execution.

So a user basically would visit a website and then the attacker gains access inside the Safari sandbox.

Then to use the second vulnerability, which is elevation of privilege vulnerability, so that's a kernel vulnerability.

So that then likely allows breaking out of the sandbox and get full system access.

And then lastly, we do have a vulnerability that allows bypassing of the signature validation for applications.

That's how either, sort of for initial access, a malicious application could be installed,

or then, you know, as a result, after the attacker has access to the system, they could use

a malicious application and sort of gain a foothold on the affected phone.

Now, the patches are being released for pretty much all operating systems, macOS, watchOS, and iOS

iPadOS.

But Apple states in its advisory that this particular vulnerability is currently only being exploited against iOS

before 16.7. That being said, it does also potentially affect iOS 17, which was just

released. And then as typical for WebKit vulnerabilities, we also get an update for Safari.

That's mostly than targeting older versions of Mac OS.

And that particular update for Safari, of course, only addresses the WebKit problem.

So get patching.

Not sure why this wasn't released sort of as a rapid security

update, but as a more complete operating system update. So a little bit more downloading

you need to do here. And talking about Apple Sarah Days, we do have more details regarding

...