Apple fixes three zero-days, one abused by XCSSET macOS malware
Apple has released security updates to patch three macOS and tvOS zero-day vulnerabilities that attackers exploited in the wild, with the macOS zero-day being abused by the XCSSET malware to bypass macOS privacy protections.
In all three cases, Apple said that it is aware of reports that the security issues "may have been actively exploited," but it didn't provide details on the attacks or the threat actors who may have exploited the zero-days.
Two of the three zero-days impact WebKit on Apple TV 4K and Apple TV HD devices.
While Apple didn't provide any details on how the three zero-days were abused in attacks, Jamf researchers discovered that the macOS zero-day patched today was used by the XCSSET malware to circumvent Apple's TCC protections designed to safeguard users' privacy.
The Shlayer malware used the macOS zero-day patched in April to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks as an easy way to download and install second-stage malicious payloads.
Update: Added info on the XCSSET malware using the macOS zero-day, updated title.