Security News > 2022 > December > Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems
Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles, was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic issue that could be weaponized by an app to circumvent Gatekeeper checks.
Gatekeeper is a security mechanism designed to ensure that only trusted apps run on the operating system.
Thus when an unsuspecting user downloads a potentially harmful app that impersonates a piece of legitimate software, the Gatekeeper feature prevents the apps from being run as it's not validly signed and notarized by Apple.
Given the crucial role played by Gatekeeper in macOS, it's hard not to imagine the consequences of sidestepping the security barrier, which could effectively permit threat actors to deploy malware on the machines.
"Fake apps remain one of the top entry vectors on macOS, indicating Gatekeeper bypass techniques are an attractive and even a necessary capability for adversaries to leverage in attacks," Bar Or said.
News URL
https://thehackernews.com/2022/12/microsoft-details-gatekeeper-bypass.html
Related news
- Microsoft investigates OneDrive issue causing macOS app freezes (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Ivanti warns of maximum severity CSA auth bypass vulnerability (source)
- Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS (source)