Security News > 2021 > December > Apple fixes macOS security flaw behind Gatekeeper bypass

Apple fixes macOS security flaw behind Gatekeeper bypass
2021-12-23 22:09

Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection mechanisms even on fully patched systems.

Apple has addressed this vulnerability in macOS 11.6 through a security update released in September 2021 that adds improved checks.

The CVE-2021-30853 Gatekeeper bypass bug was discovered and reported to Apple by Box Offensive Security Engineer Gordon Long.

Basically, if the script used a shebang but did not explicitly specify an interpreter, it would bypass Gatekeeper security checks.

This is not the first macOS bug fixed by Apple that would enable threat actors to completely circumvent OS security mechanisms such as Gatekeeper and File Quarantine on fully patched Macs.

In April, Apple patched a zero-day vulnerability exploited in the wild by Shlayer malware operators to bypass macOS automated security checks and deploy additional payloads on compromised Macs.


News URL

https://www.bleepingcomputer.com/news/apple/apple-fixes-macos-security-flaw-behind-gatekeeper-bypass/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-30853 Out-of-bounds Write vulnerability in Apple Macos
This issue was addressed with improved checks.
local
low complexity
apple CWE-787
5.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349