Security News > 2025 > January > Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
2025-01-14 16:53
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug
News URL
https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
Related news
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Microsoft fixes exploited zero-day (CVE-2024-49138) (source)
- Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Microsoft fixes OneDrive bug causing macOS app freezes (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-12 | CVE-2024-44243 | Unspecified vulnerability in Apple Macos 15.0/15.1/15.1.1 A configuration issue was addressed with additional restrictions. | 5.5 |