PSA A safety researcher has found a flaw in macOS that might let an attacker view each file on a system. Using it, hackers can circumvent each layer of Mac safety, alter core system information, and entry the webcam. Apple patched it final yr, however older macOS variations are nonetheless susceptible.
Apple patched a extreme vulnerability in macOS Monterey final October, however older variations stay prone to a code injection methodology that may break a Mac large open. There are not any identified instances of attackers utilizing the exploit, but it surely might leak delicate info or grant a hacker elevated privileges.
The exploit can bypass two principal safety measures Apple designed to cease malicious code from spreading by a system. The first, macOS Sandbox, is meant to restrict malicious code to the app that it has contaminated. The second, System Integrity Protection (SIP), stops approved software program from reaching delicate information. Neither of those can cease the flaw in unpatched techniques.
The vulnerability works by hijacking the way in which macOS suspends applications when a consumer leaves them idle or shuts the system down. When the apps must wake again up, the system reads sure information to deliver them out of a saved state. That saved state is much less safe than apps are throughout regular operation.
Researcher Thijs Alkemade discovered a solution to alter the information macOS reads when reactivating suspended apps, which let him run code in methods the system did not intend. Alkemade might repeat the exploit to leap to totally different apps and in the end bypass SIP to vary some system information.
Alkemade’s identify seems amongst Apple’s acknowledgments for patches from April and October 2021, indicating the corporate fastened the vulnerability after he reported it. However, this can solely defend customers working the newest variations of macOS.
Previous incidents have proven Apple favors patching the newest variations of its working techniques regardless that many customers do not improve. In November, a cyberattack in Hong Kong utilized a vulnerability Apple had already patched in Monterey’s predecessor, Big Sur. The affected techniques had been working the model earlier than that – Catalina, which Apple solely fastened after the assault.
Even although probably nobody has used the newest vulnerability to date, it appears extreme sufficient that Apple ought to most likely patch it out of older macOS variations like Big Sur and Catalina sooner somewhat than later.