The Cyber Security News


Apple issues patch for macOS security bypass vulnerability

December 20, 2022


Apple has fixed a vulnerability in macOS that could have allowed attackers to bypass the software restrictions enforced by the tech giant’s Gatekeeper system.

The vulnerability, tracked as CVE-2022-42821 and dubbed ‘Achilles’, was first uncovered by researchers at Microsoft and shared with Apple through the Coordinated Vulnerability Disclosure (CVD) system.


Microsoft said the Achilles flaw could have enabled hackers to gain access to operating systems and download or deploy malware on Mac devices.

Apple confirmed it patched the bug on 13 December in its raft of security updates for macOS 13, macOS 12.6.2 and macOS 11.7.2.

Achilles exploited Apple’s Gatekeeper security mechanism used on Macs, which is responsible for checking downloaded apps to ensure that they are genuine. It works by requiring the user to confirm or authorise the launch of an application that may have been flagged by the mechanism.

Apple’s Gatekeeper mechanism works in a similar fashion to Microsoft’s own Mark of the Web (MOTW) protocols.

“When downloading apps from a browser, like Safari, the browser assigns a distinctive extended attribute to the downloaded file,” researchers explained.

“That attribute is named com.apple.quarantine and is later used to enforce policies such as Gatekeeper or certain mitigations that prevent sandbox escapes.”

Microsoft said the Achilles flaw would allow attackers to leverage specially crafted payloads to abuse Access Control Lists (ACLs), a mechanism in macOS that adds further protection to the standard permission model.

If exploited, the flaw meant that a malicious application downloaded by a user would launch on their system instead of being blocked by Gatekeeper.

Apple introduced Lockdown Mode in macOS Ventura to mitigate the risk of zero-click remote code execution (RCE) exploits. However, researchers said that this optional feature for high-risk users would not defend against Achilles.

“End-users should apply the fix irrespective of their Lockdown Mode status,” explained Jonathan Bar Or of the Microsoft 365 Defender Research Team.

Gatekeeper vulnerabilities 

Bar Or said that although Gatekeeper is “essential” in spotting malware on macOS, there have been many historic examples of flaws which enabled attackers to bypass the mechanism.

“Gatekeeper is not bulletproof,” he said. “Gaining the ability to bypass Gatekeeper has dire implications as in some cases malware authors leverage those techniques for initial access.”

Security researchers at Microsoft previously uncovered the Shrootless flaw in 2021, which enabled hackers to bypass the System Integrity Protection (SIP) feature and execute malicious code.

Similarly, in April 2021 Apple issued a fix for a critical zero-day vulnerability in macOS which allowed the group behind the Shlayer malware to bypass Apple Gatekeeper, File Quarantine, and Notarisation protocols.

Apple introduced its Notarisation process in February 2020 to counter growing threats to macOS. However, experimentation by a university student revealed that the Shlayer adware slipped past the protocol.

Bar Or noted that the research highlights the critical role that collaborative research plays in bolstering security capabilities across platforms and the broader industry landscape.

“As environments continue to rely on a diverse range of devices and operating systems, organisations need security solutions that can provide protection across platforms and a complete picture of their security posture,” he said.

“This case also emphasised the need for responsible vulnerability disclosures and expert, cross-platform collaboration to effectively mitigate issues, protecting users from present and future threats.”


Some sections of this write-up are sourced from:
www.itpro.co.uk
