Security News > 2025 > January > Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
2025-01-14 16:53
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug
News URL
https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
Related news
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE fallout: The splintering of the standard vulnerability tracking system has begun (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-12 | CVE-2024-44243 | Unspecified vulnerability in Apple Macos 15.0/15.1/15.1.1 A configuration issue was addressed with additional restrictions. | 5.5 |