Apple Patches Zero-Day MacOS Bug That Can Bypass Anti-Malware Defenses
Apple patched a zero-day vulnerability in macOS that can bypass critical anti-malware capabilities and that a variant of the notorious Mac adware dropper Shlayer has already been exploiting for several months.
Security researcher Cedric Owens first discovered the vulnerability, tracked as CVE-2021-30657 and patched in macOS 11.3, an update dropped by Apple on Monday.
The vulnerability is particularly perilous to macOS users because it allows an attacker to very easily craft a macOS payload that goes unchecked by the strict security features built into the OS specifically to keep malware out.
"This bug trivially bypasses many core Apple security mechanisms, leaving Mac users at grave risk," warned Patrick Wardle, an Apple security expert who runs the Objective-See Mac security tool site, in a blog post Monday.
Owens said he tested his exploit for the bug successfully on macOS Catalina 10.15 (specifically on 10.15.7) and on versions of macOS Big Sur before Big Sur 11.3, submitting a report to Apple about the vulnerability on March 25.
The three features that the flaw could bypass actually show a steady progression of macOS security, with the company reinforcing each feature to make the OS inherently less penetrable, Wardle explained.
News URL
https://threatpost.com/apple-patches-macos-bug-bypass-defenses/165611/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-08 | CVE-2021-30657 | Unspecified vulnerability in Apple Mac OS X and macOS. A logic issue was addressed with improved state management. network apple | 4.3 |