Security News > 2025 > January > Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

2025-01-14 16:53
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug
News URL
https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
Related news
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Microsoft fixes OneDrive bug causing macOS app freezes (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-12-12 | CVE-2024-44243 | Unspecified vulnerability in Apple Macos 15.0/15.1/15.1.1 A configuration issue was addressed with additional restrictions. | 5.5 |