Security News > 2021 > May > Apple Patches macOS Big Sur Vulnerability Exploited by Malware
Apple on Monday announced that software updates for its desktop and mobile operating systems address tens of vulnerabilities, including a zero-day flaw in macOS Big Sur that has been exploited in attacks.
Security researchers with Jamf, a firm that specializes in enterprise management software for Apple devices, say that the vulnerability has been actively exploited by the XCSSET malware, which infects Xcode projects to target Mac developers.
Apple describes the zero-day vulnerability as a bypass in Privacy preferences that a malicious application may exploit.
Over 70 other vulnerabilities were addressed in macOS Big Sur, more than half of which were also addressed with software updates for macOS Catalina and macOS Mojave.
Apple also addressed more than 40 vulnerabilities with the release of iOS 14.6 and iPadOS 14.6, and also pushed out security updates for tvOS and watchOS, each with patches for more than 20 bugs.
Details on the newly released software updates and the vulnerabilities they address can be found on Apple's security updates page.
News URL
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser (source)
- macOS HM Surf vuln might already be under exploit by major malware family (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- New RustyAttr Malware Targets macOS Through Extended Attribute Abuse (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)