CISAnalysis - September 14, 2022

14 Sep 2022

Coming off a spectacular run last week with a dozen vulnerabilities, CISA has come back down to Earth, adding a pair of vulnerabilities to the Known Exploited Vulnerabilities Catalog. It's a peculiar predicament for sworn enemies and strange bedfellows Apple and Microsoft: two peas in a pod... or shall I say, kernel 😜.

First up, Apple

The flaw in Apple iOS, iPadOS, and macOS allows malicious apps to "promote" themselves to kernel-level privileges. What do kernel privileges give you? Everything. Full, unrestricted access to all machine resources: hardware, software, you name it. CISA is typically behind when it comes to cataloging, but they are not taking a Sunday stroll with this one. Apple disclosed the vulnerability on Sep 12 and two days later... bam! It's listed. Kudos, CISA, particularly when there is active exploitation and exploit code swirling on the black market.

Microsoft: we're twinning

The twin flaw is in the Windows Common Log File System Driver. Why the twin label? Because with a successful exploit, you get system privileges, which are analogous to kernel on Mac. So you get the whole kit and caboodle. This zero-day is being actively exploited in the wild, so you'd better get your bug spray out and go to town, stat.

Popcorn is great for a date night at the movies. But you don't want these kernel(s) to explode 💥. Apply the vendor updates immediately.

#cisa #cisanalysis #apple #microsoft #zeroday
