You can now find Cyber Kendra on Google News | Telegram

Posts

Hackers used 0Day vulnerability to bypass macOS protection

The vulnerability allowed to bypass all OS security measures and run arbitrary software on computers running macOS.


Apple has released a security update for macOS that addresses the zero-day vulnerability (CVE-2021-30657). Its exploitation made it possible to bypass all OS security measures and run arbitrary software on computers running macOS.

“Exploiting the issue allows you to bypass all relevant macOS security mechanisms (file quarantine, gatekeeper, and signature requirements) even on a fully patched macOS M1,” said security researcher Patrick Wardle.

Apple macOS comes with a Gatekeeper feature that only runs trusted applications and ensures that the software is signed by the App Store or a registered developer.

However, the reported issue allows an attacker to design a rogue application in such a way as to trick the Gatekeeper service into launching it without issuing any security warning. The problem is related to the packaging of a malicious shell script disguised as an application that is launched with a double click.

According to information security firm Jamf, Shlayer malware operators exploited the Gatekeeper bypass vulnerability in attacks in January 2021. Attackers modified search engine results to expose malicious links that, when clicked, redirect users to a web page, ostensibly to download an application update for outdated software. The update was actually a bash script to silently install the Bundlore adware.

In addition to the 0Day vulnerability, Apple has also fixed a critical issue in the WebKit repository (CVE-2021-30661) that allows arbitrary code to execute on devices running iOS, macOS, tvOS, and watchOS.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.