Security News > 2021 > December > Apple fixes macOS security flaw behind Gatekeeper bypass
Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection mechanisms even on fully patched systems.
Apple has addressed this vulnerability in macOS 11.6 through a security update released in September 2021 that adds improved checks.
The CVE-2021-30853 Gatekeeper bypass bug was discovered and reported to Apple by Box Offensive Security Engineer Gordon Long.
Basically, if the script used a shebang but did not explicitly specify an interpreter, it would bypass Gatekeeper security checks.
This is not the first macOS bug fixed by Apple that would enable threat actors to completely circumvent OS security mechanisms such as Gatekeeper and File Quarantine on fully patched Macs.
In April, Apple patched a zero-day vulnerability exploited in the wild by Shlayer malware operators to bypass macOS automated security checks and deploy additional payloads on compromised Macs.
News URL
Related news
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Phishers send corrupted documents to bypass email security (source)
- Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-24 | CVE-2021-30853 | Out-of-bounds Write vulnerability in Apple Macos This issue was addressed with improved checks. | 5.5 |