INTERNET STORM CENTER SPOTLIGHT
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Apple Updates Everything (including Studio Display)
Published: 2023-03-27
Last Updated: 2023-03-27 21:01:22 UTC
by Johannes Ullrich (Version: 1)
Apple today released updates for all of its operating systems. The updates also apply for some of the older versions of iOS and macOS. For iOS/iPadOS 15, Apple now patched an already exploited vulnerability (CVE-2023-23529). Current operating systems received a patch for this vulnerability mid January.
Noteworthy is also that this is the first time, as far as I can recall, that we got a security update for the Studio Display firmware. Firmware updates were released before for the studio display, but they fixed non-security bugs.
Read the full entry:
https://isc.sans.edu/diary/Apple+Updates+Everything+including+Studio+Display/29682/
Microsoft Released an Update for Windows Snipping Tool Vulnerability
Published: 2023-03-25
Last Updated: 2023-03-25 19:56:15 UTC
by Guy Bruneau (Version: 1)
To exploit this vulnerability, the image must be created under very specific condition listed here.
According to the information provided by Microsoft, "The default Snipping Tool in Windows 10 and older versions are unaffected. Only Snip & Sketch in Windows 10 and Snipping Tool in Windows 11 are affected by this vulnerability. A security update has been released for these applications, which are available through the Microsoft Store."[1]
This is the information provide to verify if the system is affected:
For Snip and Sketch installed on Windows 10, app versions 10.2008.3001.0 and later contain this update.
For Snipping Tool installed on Windows 11, app versions 11.2302.20.0 and later contain this update.
Read the full entry:
Cropping and Redacting Images Safely
Published: 2023-03-23
Last Updated: 2023-03-23 16:09:10 UTC
by Johannes Ullrich (Version: 1)
The recent "acropalypse" vulnerabilities in Android and Windows 11 showed yet again the dangers of relying on image processing tools to redact images [1][2]. While many image formats are still fundamentally "pixel" based, many have gone beyond simple "array of pixel" formats. Added compression, metadata, and other optimization features can make it difficult to remove information from images. This is not a new issue and has been a problem many times [3].
In some cases, image modifications are just appended to the original image file and overlayed as the image is displayed. Or files retain older versions to allow users to "undo" edits. And of course there are "bugs" like what we had with the recent image issues.
Here are some approaches to make image redaction safer. But please use them with caution.
Read the full entry:
https://isc.sans.edu/diary/Cropping+and+Redacting+Images+Safely/29666/