[HN Gopher] Apple releases macOS 12.5.1, iOS 15.6.1, patches for...
___________________________________________________________________

Apple releases macOS 12.5.1, iOS 15.6.1, patches for two zero-day
vulnerabilities

Author : nateb2022
Score : 78 points
Date : 2022-08-17 19:51 UTC (3 hours ago)

(HTM) web link (support.apple.com)
(TXT) w3m dump (support.apple.com)

| samtheprogram wrote:
| Interesting there's no release for other "supported" versions of
| macOS. Seems this just affects Monterey and the associated
| versions of iOS?

| Klonoar wrote:
| Came here to ask - there's really no patch for Big Sur?

| radicaldreamer wrote:
| They might still be working on it

| gumby wrote:
| Or the vulnerability might apply only to a more modern
| feature.

| roog wrote:

| nojito wrote:
| What? This isn't true at all.
|
| Many people just prefer to do their work anonymously.
|
| https://support.apple.com/en-us/HT213346
|
| Here's a neural engine bug where one researcher was anonymous
| and the other wasn't.

| chrisseaton wrote:
| > That's the hallmark of a nation state that has previously
| been exploiting these, but since decided - for whatever reason
| - that the vulns have become too risky to leave undisclosed to
| the vendor.
|
| I think it just means the person doesn't want to be named.

| smiddereens wrote:

| panny wrote:
| Why isn't there basic information available on this CVE? What
| version range is affected? What applications or system utilities
| are affected? Is it remotely exploitable or local only? Does it
| require elevated privileges?
|
| This is the level of support you get from a trillion dollar
| company?

| pinewurst wrote:
| How much support do you get from Google on Android issues? Or
| any issue? Or anything, really?

| olyjohn wrote:
| This thread isn't about Google or Android. So stop with the
| what about this and that crap.
|
| What they do doesn't excuse Apple anyways.

| yborg wrote:
| Wow, what was that...? Rebooted my Intel Mini like 4 times and
| took a good 20 minutes to apply a point release.

| anonymouse008 wrote:
| Does anyone have an idea as to what programs were actively
| exploiting? I'd rather Apple tell us directly to know if we are
| affected

| egypturnash wrote:
| Link is to the macOS patch notes,
| https://support.apple.com/en-us/HT213412 is the patch notes for
| iOS if anyone's curious. The only difference is "available for a
| bunch of iThings" instead of "available for Monterey", the CVEs
| are the same.

| dieulot wrote:
| > WebKit Bugzilla: 243557
|
| https://bugs.webkit.org/show_bug.cgi?id=243557 (leading to
| https://github.com/WebKit/WebKit/commit/1ed1e4a336e15a59b94a...)
|
| Shouldn't this issue have been made inaccessible in order to
| mitigate exploitation?

| cjbprime wrote:
| The bug doesn't seem to describe the vulnerability at all,
| though?

| dandongus wrote:
| Not sure why people flagged you for this. It's very common for
| open source projects to make the details of security-related
| bugs private. One example is Firefox, nearly every security
| update references one or more bug tickets that the public
| doesn't have permission to view.
|
| I wonder if Apple listed the wrong WebKit bug number, it almost
| looks like it.

| tposx wrote:
| Looks like the vulnerability was something to do with
| incorrect JIT optimisations on Maps and Sets, if the included
| tests are any indication.

| Syonyk wrote:
| I haven't seen a good answer to the question, "Does Lockdown on
| iOS 16 prevent whatever this exploited?"
|
| In any case, there was a Chrome 0day recently patched too, an
| Element Desktop RCE... so... Qubes is looking less and less like
| "A good idea" and more and more like "The only way to safely use
| web browsers." :( Disposable browsing VMs should keep the nasties
| away.

| antegamisou wrote:
| > Qubes is looking less and less like "A good idea" and more
| and more like "The only way to safely use web browsers."
|
| That is until someone comes up with a debilitating Xen 0-day

| Syonyk wrote:
| > _That is until someone comes up with a debilitating Xen
| 0-day_
|
| But you're adding layers.
|
| A Xen 0day, alone, isn't useful. You have to be able to
| deliver it, which probably implies local root.
|
| To get something useful out of a user's home directory on a
| typical OS install, you pop the browser, do what you want.
|
| To get something useful out of a user in Qubes, assuming
| they're using an untrusted browsing VM, you have to pop the
| browser, then get local root, _then_ deploy your Xen
| exploit... and then maybe do something useful.
|
| There's also the standard malware anti-RE-sandbox techniques
| used. Show up in a clean profile on a hypervisor? _Maaaaaybe_
| not a good idea to be evil. Lots of stuff will refuse to
| actuate in something that looks like a malware RE sandbox,
| and a disposable Qubes VM certainly would look like that.
|
| I won't claim it's impossible, but I will claim that doing a
| cross-Qube hop through Xen is a lot harder than just one
| exploit and get the goodies.

___________________________________________________________________
(page generated 2022-08-17 23:00 UTC)