Security News > 2021 > May > Apple Patches macOS Big Sur Vulnerability Exploited by Malware
Apple on Monday announced that software updates for its desktop and mobile operating systems address tens of vulnerabilities, including a zero-day flaw in macOS Big Sur that has been exploited in attacks.
Security researchers with Jamf, a firm that specializes in enterprise management software for Apple devices, say that the vulnerability has been actively exploited by the XCSSET malware, which infects Xcode projects to target Mac developers.
Apple describes the zero-day vulnerability as a bypass in Privacy preferences that a malicious application may exploit.
Over 70 other vulnerabilities were addressed in macOS Big Sur, more than half of which were also addressed with software updates for macOS Catalina and macOS Mojave.
Apple also addressed more than 40 vulnerabilities with the release of iOS 14.6 and iPadOS 14.6, and also pushed out security updates for tvOS and watchOS, each with patches for more than 20 bugs.
Details on the newly released software updates and the vulnerabilities they address can be found on Apple's security updates page.
News URL
Related news
- New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data (source)
- Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software (source)
- 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices (source)
- New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems (source)
- New macOS Malware TodoSwift Linked to North Korean Hacking Groups (source)
- GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware (source)
- Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers (source)
- Apple's latest macOS release is breaking security software, network connections (source)