Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security
Apple recently fixed a security vulnerability in the macOS operating system that could potentially be exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code.
Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday.
Tracked as CVE-2021-30853, the issue relates to a scenario where a rogue macOS app may circumvent Gatekeeper checks, which ensure that only trusted apps can be run and that they have passed an automated process called "app notarization."
The iPhone maker, crediting Gordon Long of Box with reporting the flaw, said it addressed the weakness with improved checks as part of macOS 11.6 updates officially released on September 20, 2021.
"Such bugs are often particularly impactful to everyday macOS users as they provide a means for adware and malware authors to sidestep macOS security mechanisms, mechanisms that otherwise would thwart infection attempts," Wardle said in a technical write-up of the flaw.
Earlier this April, Apple moved to quickly patch a then actively exploited zero-day flaw that could circumvent all security protections, thus permitting unapproved software to be run on Macs.
News URL
https://thehackernews.com/2021/12/expert-details-macos-bug-that-could-let.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK
---|---|---|---
2021-08-24 | CVE-2021-30853 | Out-of-bounds Write vulnerability in Apple macOS. This issue was addressed with improved checks. | 5.5