Tech News

Apple fixes bug that lets malicious apps bypass macOS security protections • InNewCL

Photo of Editor Editor Send an email December 20, 2022
5 1 minute read

Apple fixes bug that lets malicious apps bypass macOS security protections • InNewCL

#Apple #fixes #bug #lets #malicious #apps #bypass #macOS #security #protections #InNewCL Welcome to InNewCL, here is the new story we have for you today:

Click Me To View Restricted Videos

Microsoft says a vulnerability it discovered in a core macOS security feature, Gatekeeper, may have allowed attackers to compromise vulnerable Macs with malware.

The bug, tracked as CVE-2022-42821, was first uncovered by Microsoft’s lead security researcher Jonathan Bar Or and dubbed the “Achilles” vulnerability. Bar Or said the bug could allow malware to bypass Gatekeeper’s protections on macOS.

First introduced in 2012, Gatekeeper is a security feature designed to allow only trusted software to run on macOS. The feature automatically verifies that all apps downloaded from the Internet are from identified developers who have been “certified” by Apple and whose apps are known to be free of malicious content.

Microsoft’s Bar Or explained in a blog post that macOS adds a “quarantine” attribute to apps and files downloaded from a web browser, instructing Gatekeeper to scan the file before it can be opened. However, the Achilles vulnerability uses a file permissions model called Access Control Lists (ACLs) to add extremely restrictive permissions to a downloaded file, preventing web browsers from properly setting the quarantine attribute.

Exploiting the flaw could trick a user into downloading and opening a malicious file on macOS without triggering Gatekeeper’s security measures.

Microsoft reported the Achilles bug in July, but Apple only confirmed last week that the vulnerability was fixed.

Bar Or said lockdown mode, an opt-in feature Apple introduced earlier this year to help high-risk users block some of the more sophisticated cyberattacks, doesn’t protect against the Achilles vulnerability would, as lockdown mode aims to silently and remotely stop “zero-click” attacks that do not require user interaction. “End users should apply the fix regardless of their status in lockdown mode,” Bar Or said.

Achilles is just one of many gatekeeper bypasses that have been uncovered in recent years. In April 2021, Apple fixed a zero-day vulnerability in macOS that allowed the threat actors behind the infamous Shlayer malware to bypass Apple’s gatekeeper and notarized security checks.

Click Here To Continue Reading From Source

Photo of Editor Editor Send an email December 20, 2022
5 1 minute read
Photo of Editor

Editor

Related Articles

Big Tech: Extending the lifecycle of IT equipment means big savings with little effort

Big Tech: Extending the lifecycle of IT equipment means big savings with little effort

33 mins ago
Watch live as astronauts install solar panels outside the ISS

Watch live as astronauts install solar panels outside the ISS

2 hours ago
The collapse of the Kakhovka dam is an ecological disaster | WIRED

The collapse of the Kakhovka dam is an ecological disaster | WIRED

3 hours ago
Carvana Nirvana? Shorted shares soar 56% as company forecasts record earnings

Carvana Nirvana? Shorted shares soar 56% as company forecasts record earnings

4 hours ago
Back to top button