Security News > 2025 > January > Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
2025-01-14 16:53
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug
News URL
https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
Related news
- Microsoft fixes OneDrive bug causing macOS app freezes (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-12 | CVE-2024-44243 | Unspecified vulnerability in Apple Macos 15.0/15.1/15.1.1 A configuration issue was addressed with additional restrictions. | 5.5 |