Apple fixes macOS zero-day bug exploited by Shlayer malware (April 2021)
Apple has fixed a zero-day vulnerability in macOS exploited in the wild by Shlayer malware to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks and download second-stage malicious payloads.
The Jamf Protect detection team discovered that, starting in January 2021, the Shlayer threat actors created unsigned and unnotarized Shlayer samples that exploit a zero-day vulnerability discovered and reported to Apple by security engineer Cedric Owens.
Today, Apple has released a security update to fix the vulnerability in macOS Big Sur 11.3 and block malware campaigns actively abusing it.
Intego's research team spotted Shlayer for the first time in a malware campaign in February 2018, camouflaged as a fake Adobe Flash Player installer, just like many other malware families targeting macOS users.
In total, with today's security updates for macOS and iOS bugs exploited in the wild, Apple has addressed nine zero-days since November.
In January, Apple fixed a race condition bug in the iOS kernel and two WebKit security flaws.