Hello, welcome to the Tuesday, September 12, 2020,

edition of the Sandler, Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Today we got more patches from Apple, again patching one of the two Saturday-warned- two Saturday vulnerabilities that have already been exploited.

Only one of them, but this time for the older operating systems.

This is just a patch for the Image IO vulnerability, CVE 2023 41064.

Not sure if there is still yet another patch coming then for the wallet vulnerability or if that one does necessarily apply to these older operating systems.

But remember the image I all, that's the vulnerability that actually did allow the code

execution. The wallet vulnerability just sort of assisted in the exploitation of this vulnerability.

And we got an interesting attack against Wi-Fi networks. This particular attack was dubbed Y-K-I-EVE, and its

vulnerability allows the limited decryption of some numeric input. Now, the way this works is that

modern Wi-Fi networks use something called beamforming,

where an access point is essentially trying to direct Wi-Fi beam at a particular device.

In order for this to work, the device itself is then reporting back information about basically the signal quality it receives,

and that's the beam forming feedback information.

The beam forming feedback information is not encrypted, and what essentially allows for is

that an attacker can measure by intercepting that signal what the signal strength is between

the access point and the mobile device, in particular for a mobile device where a user is

using an on-screen keyboard.

The hand movement is intercepting and interfering with the beam, So the hand position on the keyboard can essentially

be derived by looking at these signals. This is an attack that is far from perfect. I think

they said something like about 50% success in sort of getting like pins and the like.

...