Security News > 2021 > May > Apple fixes three macOS, tvOS zero-day bugs exploited in the wild
Apple has released security updates to patch three macOS and tvOS zero-day vulnerabilities attackers exploited in the wild, with the former being abused by the XCSSET malware to bypass macOS privacy protections.
In all three cases, Apple said that it is aware of reports that the security issues "May have been actively exploited," but it didn't provide details on the attacks or threat actors who may have exploited the zero-days.
Two of the three zero-days impact WebKit on Apple TV 4K and Apple TV HD devices.
While Apple didn't provide any details on how the three zero-days were abused in attacks, Jamf researchers discovered that the macOS zero-day patched today was used by the XCSSET malware to circumvent Apple's TCC protections designed to safeguard users' privacy.
The Shlayer malware used the macOS zero-day patched in April to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks as an easy way to download and install second-stage malicious payloads.
Update: Added info on the XCSSET malware using the macOS zero-day, updated title.
News URL
Related news
- Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software (source)
- New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems (source)
- New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data (source)
- Apple's latest macOS release is breaking security software, network connections (source)