Apple Patches macOS Security Bypass Vulnerability Exploited by 'Shlayer' Malware

2021-04-27 11:13

Apple has patched a serious security bypass vulnerability in macOS that has been exploited in the wild by at least one threat group.

The Big Sur update fixes nearly 60 security holes, including a logic issue tracked as CVE-2021-30657 that, Apple says, can allow a malicious application to bypass Gatekeeper checks.

The vulnerability tracked as CVE-2021-30657 can be exploited to bypass file quarantine, Gatekeeper and notarization using specially crafted applications.

Patrick Wardle, a researcher who specializes in the security of Apple products, published a lengthy blog post on Monday to describe the vulnerability and its root cause in detail.

Sure enough, Jamf researchers discovered that a variant of the Shlayer malware, which drops adware on infected devices, had been leveraging the vulnerability since at least January 9, 2021, to bypass the file quarantine, notarization and Gatekeeper.

The developers of Shlayer have been known to come up with clever ways to bypass Apple security mechanisms.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/1GGqANeeGFo/apple-patches-macos-security-bypass-vulnerability-exploited-shlayer-malware

#apple #bypass #macos #malware #security #vulnerability #CVE-2021-30657

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-08	CVE-2021-30657	Unspecified vulnerability in Apple mac OS X and Macos A logic issue was addressed with improved state management. local low complexity apple	5.5

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apple		72	238	1567	2279	265	4349

News URL

Related news

Related Vulnerability

Related vendor