BrianKrebs

Microsoft today issued security updates to fix a whopping 130 flaws in Windows etc, including 4 zero-day vulnerabilities. MSFT issued an advisory for but did not patch a fifth zero-day that is being exploited by ransomware crooks reportedly working in support of Russian intelligence operations. Meanwhile, Apple issued and then pulled a patch for a zero-day flaw in iOS and macOS. The Apple flaw is fixed in iOS/iPadOS 16.5.1, macOS 13.4.1, and Safari 16.5.2.

#patchemifyougotem

https://krebsonsecurity.com/2023/07/apple-microsoft-patch-tuesday-july-2023-edition/

Apple & Microsoft Patch Tuesday, July 2023 Edition – Krebs on Security

Jul 12, 2023 at 12:02amWeb
Show threadSarahJul 12, 2023
@briankrebs okay THANK YOU. Because I was so confused that I downloaded the iOS patch, was going to install it later and now can’t. Still have an alert on my phone that there is an update, but when I clicked on it, nothing was there. You rock
Show threadturboeastereggJul 12, 2023
@SarahOestreich @briankrebs happened to me, too -- so glad to know it wasn't just me
Show threadAvoid The Hack!Jul 12, 2023

@briankrebs #patchemifyougotem πŸ˜‚ πŸ˜‚ πŸ˜‚

Also the WebKit 0-day is tracked as CVE-2023-37450, for anybody wondering.

Show threadyProdJul 12, 2023
@briankrebs The sentence β€œThe latest security update that includes the fix for the zero-day bug should be available in iOS/iPadOS 16.5.1” is really confusing – nothing is available right now as Apple pulled 16.5.1 (a), as you wrote above.
Show threadAndrewJul 12, 2023
@briankrebs and I wonder how many Macs and Windows machines are out there still being used but no longer receiving updates? (I know my iMac is going to fall into that category soon)
Show threadAxel FoleyJul 12, 2023
@briankrebs Linux all the way πŸ‘βš˜