SANS Internet Storm Center Stormcast: July 30, 2025 Edition on Apple Updates and Security Vulnerabilities
In this July 30, 2025 edition of the SANS Internet Storm Center Stormcast, Johannes Ullrich, recording from Jacksonville, Florida, discusses recent updates from Apple and various security vulnerabilities. The first topic covered is Apple's surprise update, which affected all its operating systems: iOS, iPadOS, macOS, watchOS, tvOS, and VisionOS. This update fixed a total of 89 vulnerabilities. Johannes explains that these updates are often predictable due to the previously published beta and RC (Release Candidate) versions. The fixed vulnerabilities include common kernel issues across all operating systems, as well as WebKit-specific vulnerabilities that primarily affect Safari. He emphasizes that some of these vulnerabilities can lead to memory corruption, which could be critical if they allow remote code execution without user interaction. Although these vulnerabilities are not explicitly marked as exploited, it is recommended to patch them within the week following their publication. Johannes also mentions an article by Xavier, which proposes a scripted solution for quickly sorting ZIP files and checking if they contain a specific pattern. Xavier's Python script identifies ZIP files by checking the first four bytes, then decompresses the files and searches for the pattern. Johannes appreciates this simple and fast approach and suggests comparing the performance of different solutions, such as Bash scripts, Perl, or even C solutions. Finally, Johannes addresses a vulnerability in Cisco IOS and another in PaperCut, a print server management software. The Cisco IOS vulnerability has already been exploited and added to the CISA's database of exploited vulnerabilities. The PaperCut vulnerability, dating back to 2023, has also been exploited, causing issues with ransomware. Johannes stresses the importance of keeping these software up to date, even though printers are often neglected in update cycles. In conclusion, this video provides a detailed overview of recent security updates and critical vulnerabilities, with practical advice for cybersecurity professionals.