Apple fixes three zero-days, one abused by XCSSET macOS malware
2021-05-24 19:40

Apple has released security updates to patch three macOS and tvOS zero-day vulnerabilities that attackers exploited in the wild, with the macOS flaw being abused by the XCSSET malware to bypass macOS privacy protections.

In all three cases, Apple said that it is aware of reports that the security issues "may have been actively exploited," but it didn't provide details on the attacks or the threat actors who may have exploited the zero-days.

Two of the three zero-days impact WebKit on Apple TV 4K and Apple TV HD devices.

While Apple didn't provide any details on how the three zero-days were abused in attacks, Jamf researchers discovered that the macOS zero-day patched today was used by the XCSSET malware to circumvent Apple's TCC protections designed to safeguard users' privacy.

The Shlayer malware used the macOS zero-day patched in April to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks as an easy way to download and install second-stage malicious payloads.

Update: Added info on the XCSSET malware using the macOS zero-day, updated title.


News URL

https://www.bleepingcomputer.com/news/security/apple-fixes-three-zero-days-one-abused-by-xcsset-macos-malware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349