April 2024 Patch Tuesday [and Some Spicy Meatballs]

Episode 06 | Published April 9, 2024 | 27-minute watch

Summary

April 2024 Patch Tuesday included a macOS image-processing RCE surfaced by Google's Project Zero and a Windows Secure Boot issue that spans most major Windows versions. Most of the discussion goes to CVE-2024-3094, the XZ/liblzma supply chain backdoor, where an actor spent two to three years earning maintainer trust before slipping malicious code into the build. Cody and Tom read it as a structural risk rather than an open source failure: one underfunded, burned-out maintainer relinquishing control to a patient contributor is enough to compromise a package that ships everywhere. In response, Automox built a Worklet to scan affected Linux endpoints and downgrade the package below 5.6.0.
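The detection half of that remediation, as an added illustration: this POSIX shell script is not Automox's Worklet and does not perform the downgrade (which is distribution-specific), but it shows how an endpoint check can parse the installed xz version and decide whether it is at or above the 5.6.0 threshold the episode names. The `xz --version` output format it parses ("xz (XZ Utils) 5.6.1" on the first line) and the sample strings are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the episode or Automox's Worklet.
# Reports whether an installed xz/liblzma version is in the range
# associated with CVE-2024-3094 (5.6.0 and later, per the summary above).

# xz_is_affected VERSION  -> returns 0 if VERSION >= 5.6.0, else 1
# VERSION is "major.minor.patch"; missing components are treated as 0.
xz_is_affected() {
  oldifs=$IFS
  IFS=.
  set -- $1                      # split on dots into $1 $2 $3
  IFS=$oldifs
  maj=${1:-0}; min=${2:-0}
  [ "$maj" -gt 5 ] && return 0
  [ "$maj" -eq 5 ] && [ "$min" -ge 6 ] && return 0
  return 1
}

# xz_version_from_output "FIRST_LINE_OF_xz_--version"
# Extracts "5.6.1" from "xz (XZ Utils) 5.6.1" (format assumed for this example).
xz_version_from_output() {
  printf '%s\n' "$1" | sed -n 's/^xz (XZ Utils) \([0-9][0-9.]*\).*/\1/p'
}

# check_local_xz: inspect the host's xz binary if present.
# Prints a one-line verdict; returns 0 when the host looks affected.
check_local_xz() {
  if ! command -v xz >/dev/null 2>&1; then
    echo "xz not installed"
    return 1
  fi
  first=$(xz --version 2>/dev/null | head -n 1)
  v=$(xz_version_from_output "$first")
  if [ -n "$v" ] && xz_is_affected "$v"; then
    echo "AFFECTED: xz $v (downgrade below 5.6.0)"
    return 0
  fi
  echo "OK: xz ${v:-unknown}"
  return 1
}

# Run the live check only when invoked with --check, so the functions
# can also be sourced for testing.
if [ "${1:-}" = "--check" ]; then
  check_local_xz
fi
```

Two caveats for anyone adapting this: the version string printed by the `xz` binary is not always the version of the `liblzma` shared object that sshd or systemd actually loaded, so a package-manager query (for example `dpkg -s xz-utils` or `rpm -q xz`) is the more reliable source; and distributions that reverted the package under a version string such as "5.6.1+really5.4.5" would be reported as affected by a naive numeric comparison, so treat the script's verdict as a prompt for a package-level check rather than a final answer.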