Security News > 2021 > December > Apple fixes macOS security flaw behind Gatekeeper bypass
Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection mechanisms even on fully patched systems.
Apple has addressed this vulnerability in macOS 11.6 through a security update released in September 2021 that adds improved checks.
The CVE-2021-30853 Gatekeeper bypass bug was discovered and reported to Apple by Box Offensive Security Engineer Gordon Long.
Basically, if the script used a shebang but did not explicitly specify an interpreter, it would bypass Gatekeeper security checks.
This is not the first macOS bug fixed by Apple that would enable threat actors to completely circumvent OS security mechanisms such as Gatekeeper and File Quarantine on fully patched Macs.
In April, Apple patched a zero-day vulnerability exploited in the wild by Shlayer malware operators to bypass macOS automated security checks and deploy additional payloads on compromised Macs.
News URL
Related news
- Oracle warns that macOS 14.4 update breaks Java on Apple CPUs (source)
- U.S. Justice Department Sues Apple Over Monopoly and Messaging Security (source)
- GoFetch security exploit can't be disabled on M1 and M2 Apple chips (source)
- Apple's GoFetch silicon security fail was down to an obsession with speed (source)
- Microsoft squashes SmartScreen security bypass bug exploited in the wild (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-24 | CVE-2021-30853 | Out-of-bounds Write vulnerability in Apple Macos This issue was addressed with improved checks. | 5.5 |