Microsoft finds macOS bug that lets malware bypass security checks
Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions.
Found and reported by Microsoft principal security researcher Jonathan Bar Or, the security flaw is now tracked as CVE-2022-42821.
Apple addressed the bug in macOS 13, macOS 12.6.2, and macOS 1.7.2 one week ago, on December 13.
Gatekeeper is a macOS security feature that automatically checks whether apps downloaded from the Internet are notarized and developer-signed, then either asks the user to confirm before launching or issues an alert that the app cannot be trusted.
Microsoft said on Monday that "Apple's Lockdown Mode, introduced in macOS Ventura as an optional protection feature for high-risk users that might be personally targeted by a sophisticated cyberattack, is aimed to stop zero-click remote code execution exploits, and therefore does not defend against Achilles."
Last but not least, Apple fixed a zero-day macOS vulnerability in April 2021 that enabled threat actors behind the notorious Shlayer malware to circumvent Apple's File Quarantine, Gatekeeper, and Notarization security checks and download more malware on infected Macs.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-15 | CVE-2022-42821 | Unspecified vulnerability in Apple Macos A logic issue was addressed with improved checks. | 5.5 |