Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems
Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles, was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, with Apple describing it as a logic issue that could be weaponized by an app to circumvent Gatekeeper checks.
Gatekeeper is a security mechanism designed to ensure that only trusted apps run on the operating system.
Thus, when an unsuspecting user downloads a potentially harmful app that impersonates a piece of legitimate software, the Gatekeeper feature prevents the app from being run because it is not validly signed and notarized by Apple.
Given the crucial role played by Gatekeeper in macOS, it's hard not to imagine the consequences of sidestepping the security barrier, which could effectively permit threat actors to deploy malware on the machines.
"Fake apps remain one of the top entry vectors on macOS, indicating Gatekeeper bypass techniques are an attractive and even a necessary capability for adversaries to leverage in attacks," Bar Or said.
News URL
https://thehackernews.com/2022/12/microsoft-details-gatekeeper-bypass.html