Gatekeeper, the system used by macOS to authenticate applications, has a vulnerability. Without a warning, malware may have been injected. Here are the explanations.
On macOS, a fresh serious security hole has been the subject of a new discovery. Microsoft cybersecurity researcher Jonathan Bar Or was able to identify this problem. The specifics of this new vulnerability are covered in a blog post by Microsoft Security Threat Intelligence that was posted on Monday, December 19.
Microsoft discovers a security flaw in macOS
The CVE-2022-42821 flaw, which they call “Achilles” since July 27, 2022, enables getting around Apple’s Gatekeeper protection. Software downloaded from the internet can be verified thanks to a program created by the Apple company.
According to a statement by Apple on its website, “when you install Mac programs, add-ons, and installers that aren’t from the App Store, macOS validates the developer’s ID signature to make sure the product is from an identified source and hasn’t got modifications”. Thus, the user is secure against the download of viruses and other harmful software.
Jonathan Bar Or demonstrate the recently found weakness via a PoC, or Proof of Concept (prototype). He was able to create a program that prevents a file from adding to the ACL (Access Control List). The browser downloaded program was no longer marked as “unverified,” and it could subsequently be installed without encountering any problems.
By using this method, hackers might be able to spread malware. Without Gatekeeper being able to determine where it came from and who developed it.
An update is already available
The Apple teams were aware of the problem at that time. A rapid security update was available. The bug got a fix on December 13th in macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 1.7.2 (Big Sur). According to our colleagues at BleepingComputer.
So, this kind of zero day flaw will not be a problem. By the Lockdown mode that Apple created and included in macOS Ventura. However, according to researchers at Microsoft Security Threat Intelligence, the computer is not immune to the “Achilles” flaw. Regardless of the activation status of Lockdown Mode, the experts advise end users to apply the patch. Apple claims that it has fixed the problem by doing better checks.
macOS vulnerabilities by year
Gizchina News of the week
| 5 | 20 | 26 | 54 | 97 | 105 | 103 | 97 | 84 | 99 | 79 | 40 | 69 | 132 | 407 | 218 | 308 | 110 | 308 | 314 | 332 | 93 | 2001 5 2002 20 2003 26 2004 54 2005 97 2006 105 2007 103 2008 97 2009 84 2010 99 2011 79 2012 40 2013 69 2014 132 2015 407 2016 218 2017 308 2018 110 2019 308 2020 314 2021 332 2022 93 |
Source/VIA :
BleepingComputer