Hello, welcome to the Tuesday, October 9th, 2018 edition of the Sancton Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Honolulu, Hawaii.

We got two updates from Apple, one for iCloud for Windows.

It fixes a number of web kit vulnerabilities,

an addition, a SQL light issue.

Then we also got an update for iOS.

This is iOS 1201.

This is a quick bug fix release that fixes some critical bugs

that came up in iOS 12, which was released a couple weeks ago.

Both vulnerabilities being addressed here are lock screen bypass vulnerabilities, one affected

voiceover and would allow access to photos and contacts from a locked phone. And the second lock screen bypass was related

to allowing user access to the share function on a locked device. This was fixed via updating

quick look. And Intel announced its ninth generation CPUs. with that but only as a footnote on a slide,

they also announced that this next generation of CPU will include mitigation against various versions of Spectre and Meltdown.

This footnote lists five different vulnerabilities, two of which are mitigated in hardware.

That's Meltdown version 3, the Roke Data Cash Load, as well as the L1 terminal fault, which was one of the more recent discoveries.

Other vulnerabilities are mitigated with a mix of microcode and software.

This matches up with what Intel promised back in March.

What we of course don't know is if some of these fixes will mitigate some of the performance issues

that people have reported from prior

patches. And Microsoft late last week had to withdraw its October 2018 update for Windows 10. Now, this

was a functional update, not a security update, also known as version 1809.

...