Hello and welcome to the Tuesday, July 11, 2023 edition of the Sands and its Storm Center's

Stormcast. My name is Johannes Ulrich. And today I'm recording from Washington, D.C., here at

Sands Fire. Well, Apple today had a surprise for us. This is in the form of a rapid security update.

These are these smaller but urgent updates that Apple publishes

that do not require a system reboot,

but that patch currently exploited vulnerabilities.

Apple published a total of three different vulnerabilities. Two of them

are WebKit remote code execution vulnerabilities, so visiting a malicious web page may

be triggering these vulnerabilities. This, of course, again, gives you access to the Safari

Sandbox. The third one then is the typical privilege-esque. again gives you access to the Safari sandbox.

The third one then is the typical privilege escalation vulnerability that allows you to break out of the sandbox.

One of the two code execution vulnerabilities is only being exploited against iOS released before iOS 15.7. As a result, it's also

only patched for 15.7. The other remote code execution vulnerability is patched for current

versions of iOS, the older version of iOS, as well as MacOS Ventura.

Older versions of MacOS do not receive this patch.

Not clear if that's because they're not vulnerable.

The privilege escalation vulnerability, it is patched across all the operating systems, including watchOS.

So the remote code execution vulnerabilities, well, their web kit, they don't affect watchOS,

only the kernel part that's actually the bridge escalation vulnerability.

So given that these vulnerabilities are actively being exploited, the patch is relatively easy to install.

I would recommend, well, do it now if you haven't already installed these updates.

If you are using ubiquitous edge router or AirCube, you want to double check your firmware version on June 29th,

...