Coming off a spectacular run last week with a dozen vulnerabilities, CISA has come back down to Earth, adding a pair of vulnerabilities to the Known Exploited Vulnerabilities Catalog. It’s a peculiar predicament for sworn enemies and strange bedfellows Apple and Microsoft—two peas in a pod... or shall I say, kernel 😜.
First up, Apple
The flaw in Apple iOS, iPadOS, and macOS allows malicious apps to “promote” themselves to kernel-level privileges. What do kernel privileges give you? Everything. Full, unrestricted access to all machine resources—hardware, software, you name it. CISA is typically behind when it comes to cataloging, but they are not taking a Sunday stroll with this one. Apple disclosed the vulnerability on Sep 12 and two days later—bam!—it’s listed. Kudos, CISA, particularly when there is active exploitation and exploit code swirling on the black market.
Microsoft: we’re twinning
The twin flaw is in the Windows Common Log File System Driver. Why the twin label? Because with a successful exploit, you get SYSTEM privileges, which are analogous to kernel privileges on a Mac. So you get the whole kit and caboodle. This zero-day is being actively exploited in the wild, so you better get your bug spray out and go to town, stat.
Popcorn is great for a date night at the movies. But you don’t want these kernel(s) to explode 💥. Apply the vendor updates immediately.