<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1037202735;
mso-list-template-ids:-1576732240;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1351757482;
mso-list-type:hybrid;
mso-list-template-ids:-747714726 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2
{mso-list-id:1496217853;
mso-list-type:hybrid;
mso-list-template-ids:1152963076 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><a name="_Hlk122600425">Good morning,<span style="mso-ligatures:none"><o:p></o:p></span></a></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425">The SOC Services team is reporting on the vulnerability:</span><span style="mso-bookmark:_Hlk122600425"><span style="font-family:"Arial",sans-serif;mso-ligatures:none">
</span></span><span style="mso-bookmark:_Hlk122600425"><b>CVE-2022-48618: Apple Multiple Products Improper Authentication Vulnerability</b></span><span style="mso-bookmark:_Hlk122600425">. Due to its high visibility and knowledge of the software installed in
the state environment, we are providing this in-depth information:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>History</u></b></span><span style="mso-bookmark:_Hlk122600425">: On January 31, 2024, CISA added CVE-2022-48618 to the Known Exploited Vulnerabilities Catalog. CVE-2022-48618 has been assigned
an CVSS score of 7.8.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425">Affected Products:<o:p></o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iPhone 8 and later
<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iPad Pro (all models)<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iPad Air 3rd generation and later<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iPad 5th generation and later<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iPad mini 5th generation and later<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">macOS Ventura<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">Apple TV 4K<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">Apple TV 4K (2nd generation and later)<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">Apple TV HD<o:p></o:p></span></span></li><li class="MsoNormal" style="margin-top:2.4pt;margin-bottom:2.4pt;mso-line-height-alt:11.25pt;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">Apple Watch Series 4 and later<o:p></o:p></span></span></li></ul>
<p class="MsoNormal" style="mso-margin-top-alt:2.4pt;margin-right:0in;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt"><o:p> </o:p></span></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:2.4pt;margin-right:0in;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">Fixed versions:<o:p></o:p></span></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-top:2.4pt;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt;mso-list:l1 level1 lfo4">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iOS 16.2 and later<o:p></o:p></span></span></li><li class="MsoListParagraph" style="margin-top:2.4pt;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt;mso-list:l1 level1 lfo4">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">iPadOS 16.2 and later<o:p></o:p></span></span></li><li class="MsoListParagraph" style="margin-top:2.4pt;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt;mso-list:l1 level1 lfo4">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">macOS Ventura 13.1 and later<o:p></o:p></span></span></li><li class="MsoListParagraph" style="margin-top:2.4pt;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt;mso-list:l1 level1 lfo4">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">tvOS 16.2 and later<o:p></o:p></span></span></li><li class="MsoListParagraph" style="margin-top:2.4pt;margin-bottom:2.4pt;margin-left:0in;mso-line-height-alt:11.25pt;mso-list:l1 level1 lfo4">
<span style="mso-bookmark:_Hlk122600425"><span style="font-size:11.5pt">watchOS 9.2 and later<o:p></o:p></span></span></li></ul>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425">Security notifications from Apple can be found below.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://support.apple.com/en-us/HT213530"><span style="mso-bookmark:_Hlk122600425">https://support.apple.com/en-us/HT213530</span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://support.apple.com/en-us/HT213532"><span style="mso-bookmark:_Hlk122600425">https://support.apple.com/en-us/HT213532</span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://support.apple.com/en-us/HT213535"><span style="mso-bookmark:_Hlk122600425">https://support.apple.com/en-us/HT213535</span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://support.apple.com/en-us/HT213536"><span style="mso-bookmark:_Hlk122600425">https://support.apple.com/en-us/HT213536</span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>Intelligence</u></b></span><span style="mso-bookmark:_Hlk122600425">: As of January 31, 2024, the vulnerability has been confirmed as being exploited in the wild. Apple is aware of a report
that this issue may have been exploited against versions of iOS released before iOS 15.7.1.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u><o:p><span style="text-decoration:none"> </span></o:p></u></b></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>Workarounds:</u></b></span><span style="mso-bookmark:_Hlk122600425"> There are no workarounds for this vulnerability.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u><o:p><span style="text-decoration:none"> </span></o:p></u></b></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>How it works</u></b></span><span style="mso-bookmark:_Hlk122600425">: Apple has not released any information as to how this vulnerability has been exploited.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>Post-Exploit</u></b></span><span style="mso-bookmark:_Hlk122600425">: Upon successful exploitation of the vulnerability, an attacker with arbitrary read and write capability may be able to
bypass Pointer Authentication.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="mso-bookmark:_Hlk122600425">The following vulnerability plugins have been released and are currently in Tenable Security Center:<o:p></o:p></span></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr>
<td width="119" valign="top" style="width:89.5pt;border:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b><u>Plugin<o:p></o:p></u></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="672" valign="top" style="width:7.0in;border:solid windowtext 1.0pt;border-left:none;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b><u>Title<o:p></o:p></u></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="120" valign="top" style="width:90.2pt;border:solid windowtext 1.0pt;border-left:none;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b><u>Severity<o:p></o:p></u></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
</tr>
<tr>
<td width="119" valign="top" style="width:89.5pt;border:solid windowtext 1.0pt;border-top:none;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://www.tenable.com/plugins/nessus/169649"><span style="mso-bookmark:_Hlk122600425"><b>169649</b></span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><b><o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="672" valign="top" style="width:7.0in;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b>Apple TV < 16.2 Multiple Vulnerabilities (HT213535)<o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="120" valign="top" style="width:90.2pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b>Critical<o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
</tr>
<tr>
<td width="119" valign="top" style="width:89.5pt;border:solid windowtext 1.0pt;border-top:none;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://www.tenable.com/plugins/nessus/168872"><span style="mso-bookmark:_Hlk122600425"><b><span style="color:#0563C1">168872</span></b></span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><b><o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="672" valign="top" style="width:7.0in;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b>Apple iOS < 16.2 Multiple Vulnerabilities (HT213530)<o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="120" valign="top" style="width:90.2pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b>Critical<o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
</tr>
<tr>
<td width="119" valign="top" style="width:89.5pt;border:solid windowtext 1.0pt;border-top:none;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"></span><a href="https://www.tenable.com/plugins/nessus/168697"><span style="mso-bookmark:_Hlk122600425"><b>168697</b></span><span style="mso-bookmark:_Hlk122600425"></span></a><span style="mso-bookmark:_Hlk122600425"><b><o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="672" valign="top" style="width:7.0in;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b>macOS 13.x < 13.1 Multiple Vulnerabilities (HT213532)<o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
<td width="120" valign="top" style="width:90.2pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="mso-bookmark:_Hlk122600425"><b>Critical<o:p></o:p></b></span></p>
</td>
<span style="mso-bookmark:_Hlk122600425"></span>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u><o:p><span style="text-decoration:none"> </span></o:p></u></b></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>Additional Resources:</u></b></span><span style="mso-bookmark:_Hlk122600425"> The InTune team has provide the attached documents, which can be tailored to your needs. They provide answers to
frequently asked questions about iOS updates from the perspective of both technicians and users, as well as the update process.<b><u><o:p></o:p></u></b></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><b><u>Recommended Actions</u></b></span><span style="mso-bookmark:_Hlk122600425">:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"> <o:p></o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="mso-list:l2 level1 lfo2"><span style="mso-bookmark:_Hlk122600425">Ensure mobile devices are charged to 50% and are plugged into a charger.<o:p></o:p></span></li><li class="MsoNormal" style="mso-list:l2 level1 lfo2"><span style="mso-bookmark:_Hlk122600425">Verify host has not been compromised before applying patches.<o:p></o:p></span></li><li class="MsoNormal" style="mso-list:l2 level1 lfo2"><span style="mso-bookmark:_Hlk122600425">Apply appropriate updates provided by vendor to vulnerable systems immediately after appropriate testing.<o:p></o:p></span></li><li class="MsoNormal" style="mso-list:l2 level1 lfo2"><span style="mso-bookmark:_Hlk122600425">Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.<o:p></o:p></span></li><li class="MsoNormal" style="mso-list:l2 level1 lfo2"><span style="mso-bookmark:_Hlk122600425">Apply the Principle of Least Privilege to all systems and services.<o:p></o:p></span></li></ul>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk122600425"><o:p> </o:p></span></p>
<span style="mso-bookmark:_Hlk122600425"></span>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="702" style="width:526.5pt;border-collapse:collapse">
<tbody>
<tr style="height:63.0pt">
<td width="118" valign="top" style="width:88.35pt;padding:0in 4.65pt 0in 4.65pt;height:63.0pt">
<p class="MsoNormal" style="line-height:105%"><span style="color:#1F497D"><img border="0" width="121" height="87" style="width:1.2583in;height:.9083in" id="Picture_x0020_4" src="cid:image001.png@01DA5429.D45CBA10"><span style="mso-ligatures:none"><o:p></o:p></span></span></p>
</td>
<td width="493" valign="top" style="width:369.65pt;padding:0in 4.65pt 0in 4.65pt;height:63.0pt">
<p class="MsoNormal" style="line-height:105%"><b><span style="mso-ligatures:none">Cyber Security Services<o:p></o:p></span></b></p>
<p class="MsoNormal" style="line-height:105%"><span style="mso-ligatures:none">State of Oregon Cyber Security Services<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="mso-ligatures:none">Enterprise Information Services | SOC<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="mso-ligatures:none">Cyber Security Services (CSS)<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="mso-ligatures:none">SOC Hotline: (503) 378-5930 | SOC Services (503) 373-0378<span style="color:#1F497D"><o:p></o:p></span></span></p>
</td>
</tr>
<tr>
<td width="611" colspan="2" valign="top" style="width:458.05pt;padding:0in 4.65pt 0in 4.65pt">
<p class="MsoNormal" style="line-height:105%"><i><span style="color:#2E74B5;mso-ligatures:none">“Ensuring user-friendly, reliable and secure state technology systems that serve Oregonians.”<o:p></o:p></span></i></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>