Hackers Exploit 0-Day Gatekeeper Flaw to Attack macOS Computers
2021-04-27 23:42

"An unsigned, unnotarized, script-based proof of concept application could trivially and reliably sidestep all of macOS's relevant security mechanisms, even on a fully patched M1 macOS system," security researcher Patrick Wardle explained in a write-up.

"Armed with such a capability macOS malware authors could returning to their proven methods of targeting and infecting macOS users."

Apple's macOS comes with a feature called Gatekeeper, which allows only trusted apps to be run by ensuring that the software has been signed by the App Store or by a registered developer and has cleared an automated process called "App notarization" that scans the software for malicious content.

"It's an app in the sense that you can double click it and macOS views it as an app when you right click -> Get Info on the payload," Owens said.

According to macOS security firm Jamf, the threat actor behind Shlayer malware has been abusing this Gatekeeper bypass vulnerability since as early as January 9, 2021.

In addition to the aforementioned vulnerability, Monday's updates also address a critical arbitrary code execution flaw in WebKit Storage that affects iOS, macOS, tvOS, and watchOS when processing maliciously crafted web content.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/PL-XrPanlV8/hackers-exploit-0-day-gatekeeper-flaw.html