Hello and welcome to the Tuesday, January 23rd, 2024 edition of the Sands and its Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

A couple of interesting updates today.

First of all, we got updates from Apple.

Apple released updates for all of its operating systems,

including some older versions of operating systems, for example, for MacOS going back to

Monoray or 12.7, and for iOS and iPadOS going back to 15.8. The reason we see these updates for older operating

systems are in one part some of these older already exploited vulnerabilities, and that's in

particular CVE 2020-192916 and 42917.

These WebKit vulnerabilities have been patched for more modern versions of iOS and

macOS last year.

Now Apple is sort of catching up with some of the older operating systems.

But also for up-to-date operating systems, we do have an already exploited vulnerability.

That's being patched here, again, a web kit vulnerability, meaning that it could be exploited

as you visit malicious website.

Now, some of these older web kit vulnerabilities, we also so exploited, for example, in

these tickets and boarding passes and such that are displayed by Apple's wallet, because

that's also rendered using WebKit.

Overall, we have updates for 29 different vulnerabilities.

At least that's my count.

Always easy to sort of miss one or count one double here.

Update, there is nothing really need to select about these updates other than to apply them.

...