Apple fixes bug that lets malicious apps bypass macOS security protections • InNewCL

Microsoft says a vulnerability it discovered in a core macOS security feature, Gatekeeper, may have allowed attackers to compromise vulnerable Macs with malware.

The bug, tracked as CVE-2022-42821, was first uncovered by Microsoft’s lead security researcher Jonathan Bar Or and dubbed the “Achilles” vulnerability. Bar Or said the bug could allow malware to bypass Gatekeeper’s protections on macOS.

First introduced in 2012, Gatekeeper is a security feature designed to allow only trusted software to run on macOS. The feature automatically verifies that all apps downloaded from the Internet are from identified developers who have been “certified” by Apple and whose apps are known to be free of malicious content.

Microsoft’s Bar Or explained in a blog post that macOS adds a “quarantine” attribute to apps and files downloaded from a web browser, instructing Gatekeeper to scan the file before it can be opened. However, the Achilles vulnerability uses a file permissions model called Access Control Lists (ACLs) to add extremely restrictive permissions to a downloaded file, preventing web browsers from properly setting the quarantine attribute.

Exploiting the flaw could trick a user into downloading and opening a malicious file on macOS without triggering Gatekeeper’s security measures.
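A triage check for the condition described above, as an added example that is not from the article or from Microsoft's blog post: it parses a listing in the layout of macOS `ls -le@` and flags items that carry a deny ACL entry on extended-attribute writes yet have no `com.apple.quarantine` attribute. The sample listing, file names and function names are constructed, and treating `writeextattr` as the relevant ACL permission is an assumption of this example.

```python
import re

# Constructed sample in the layout of `ls -le@` on macOS; not captured output.
SAMPLE = (
    "-rw-r--r--@ 1 alice  staff  48213 Dec 19 10:02 report.pdf\n"
    "\tcom.apple.quarantine\t57\n"
    "drwxr-xr-x+ 3 alice  staff     96 Dec 19 10:05 Some Tool.app\n"
    " 0: group:everyone deny writeattr,writeextattr\n"
    "-rw-r--r--  1 alice  staff    120 Dec 19 10:07 notes.txt\n"
    "-rw-r--r--@ 1 alice  staff   7710 Dec 19 10:09 setup.pkg\n"
    "\tcom.apple.quarantine\t57\n"
    " 0: user:alice deny writeextattr\n"
)

HEADER = re.compile(r"^[bcdlps-][rwxsStT-]{9}[@+]?\s")   # mode string starts an entry
XATTR = re.compile(r"^\t(\S+)\t")                        # tab-indented xattr name
ACE = re.compile(r"^\s*\d+:\s+\S+\s+(?:inherited\s+)?(allow|deny)\s+(\S+)")


def parse_listing(text):
    """Group xattr names and denied ACL permissions under each listed item."""
    entries = []
    for line in text.splitlines():
        if HEADER.match(line):
            # Nine columns; the last keeps spaces that belong to the file name.
            name = line.split(None, 8)[8]
            entries.append({"name": name, "xattrs": set(), "deny": set()})
        elif entries and (m := XATTR.match(line)):
            entries[-1]["xattrs"].add(m.group(1))
        elif entries and (m := ACE.match(line)) and m.group(1) == "deny":
            entries[-1]["deny"].update(m.group(2).split(","))
    return entries


def flag_unquarantined(entries):
    """Items that deny xattr writes and also lack the quarantine attribute."""
    return [e["name"] for e in entries
            if "writeextattr" in e["deny"]
            and "com.apple.quarantine" not in e["xattrs"]]


if __name__ == "__main__":
    for name in flag_unquarantined(parse_listing(SAMPLE)):
        print("review:", name)
```

A file that merely lacks the quarantine attribute (such as one created locally) is not flagged; only the combination with a deny entry is.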

Microsoft reported the Achilles bug in July, but Apple only confirmed last week that the vulnerability was fixed.

Bar Or said Lockdown Mode, an opt-in feature Apple introduced earlier this year to help high-risk users block some of the more sophisticated cyberattacks, doesn’t protect against the Achilles vulnerability, as Lockdown Mode aims to silently and remotely stop “zero-click” attacks that do not require user interaction. “End users should apply the fix regardless of their status in lockdown mode,” Bar Or said.

Achilles is just one of many Gatekeeper bypasses that have been uncovered in recent years. In April 2021, Apple fixed a zero-day vulnerability in macOS that allowed the threat actors behind the infamous Shlayer malware to bypass Apple’s Gatekeeper and notarization security checks.