Security News > 2021 > April > Apple Patches macOS Security Bypass Vulnerability Exploited by 'Shlayer' Malware

Apple has patched a serious security bypass vulnerability in macOS that has been exploited in the wild by at least one threat group.

The Big Sur update fixes nearly 60 security holes, including a logic issue tracked as CVE-2021-30657 that, Apple says, can allow a malicious application to bypass Gatekeeper checks.

The vulnerability tracked as CVE-2021-30657 can be exploited to bypass file quarantine, Gatekeeper and notarization using specially crafted applications.

Patrick Wardle, a researcher who specializes in the security of Apple products, published a lengthy blog post on Monday to describe the vulnerability and its root cause in detail.

Sure enough, Jamf researchers discovered that a variant of the Shlayer malware, which drops adware on infected devices, had been leveraging the vulnerability since at least January 9, 2021, to bypass the file quarantine, notarization and Gatekeeper.

The developers of Shlayer have been known to come up with clever ways to bypass Apple security mechanisms.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/1GGqANeeGFo/apple-patches-macos-security-bypass-vulnerability-exploited-shlayer-malware