Hello, welcome to the Wednesday, July 1st, 2020 edition of the Sansanet Storm Center's

Stormcast. My name is Johannes Ulrich, and then I'm recording from Jacksonville, Florida.

Microsoft today released two updates for Windows Codecone vulnerabilities that do affect Windows 10 as well as Windows Server 2019.

Now of course no big surprise that Windows 10 and Server 2019 are both affected.

They're similar enough and share a lot of libraries. These codec libraries affected by these two vulnerabilities are processing images.

So in order to exploit the vulnerability, a victim would have to look at a malicious

image that is then able to execute arbitrary code.

It's a little bit odd that Microsoft came up with this patch sort of out of order.

There is no current exploit known for it, and this vulnerability was found by Abdu Lassiz Harari,

who was actually part of the Trent Micro-Cyrid initiative

so it was reported to Microsoft

via the Serrida initiative.

Microsoft does state that this update

should be applied automatically via

the Microsoft Store.

You could theoretically trigger it manually if you don't want to wait

for the automatic patch to kick off. But well, a lot of malware these days, of course,

doesn't really rely on any vulnerabilities like this in order to execute code. It just tricks the user into doing so.

And that, of course, is operating system independent. And yes, I do have some new Mac malware

to talk about. Malverbytes wrote this up. And the reason you may be infected with this latest Mac Malver

is if you installed Little Snitch, very popular and very good firewall software for MacOS from Torrent.

So the trick here is that the attacker is trying to trick you into

...