Security News > 2021 > December > Apple fixes macOS security flaw behind Gatekeeper bypass
Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection mechanisms even on fully patched systems.
Apple has addressed this vulnerability in macOS 11.6 through a security update released in September 2021 that adds improved checks.
The CVE-2021-30853 Gatekeeper bypass bug was discovered and reported to Apple by Box Offensive Security Engineer Gordon Long.
Basically, if the script used a shebang but did not explicitly specify an interpreter, it would bypass Gatekeeper security checks.
This is not the first macOS bug fixed by Apple that would enable threat actors to completely circumvent OS security mechanisms such as Gatekeeper and File Quarantine on fully patched Macs.
In April, Apple patched a zero-day vulnerability exploited in the wild by Shlayer malware operators to bypass macOS automated security checks and deploy additional payloads on compromised Macs.
News URL
Related news
- North Korean hackers create Flutter apps to bypass macOS security (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-24 | CVE-2021-30853 | Out-of-bounds Write vulnerability in Apple Macos This issue was addressed with improved checks. | 5.5 |