Apple fixes ‘serious’ MacOS security exploit found by Microsoft

Apple fixes 'serious' MacOS security exploit found by Microsoft

This so-called ‘migraine’ vulnerability could allow an attacker to perform arbitrary operations on a Mac, hide malicious files from monitoring tools, and attack the system kernel.

Apple MacBook Air (Credit: Molly Flores)

Apple has fixed a “hard” exploit that could allow attackers to bypass macOS System Integrity Protection (SIP) and install “non-removable” malware while accessing private data on a Mac.

Microsoft, which was the first to spot the bug, says(Opens in a new window) that the vulnerability (CVE-2023-32369(Opens in a new window) or “Migraine”) could allow an attacker to perform arbitrary operations on a Mac, hide files from all monitoring tools and extend the reach of malware to attack the system kernel.

Apple introduced SIP with OS X El Capitan in 2015. It is a security mechanism for macOS that prevents potential malware from changing folders and files by preventing apps from gaining root access to the operating system.

As 9to5Mac(Opens in a new window) points out, Microsoft discovered that SIP could be bypassed by exploiting a special Apple-designed right that grants unrestricted root access to the macOS Migration Assistant tool, which helps users transfer data from a Mac or Windows PC to another Mac.

Because the Migration Assistant Tool is typically only accessible during the process of setting up a new user account, Microsoft modified the tool so that it could run while the user was still logged in and without physical access to the Mac. This alteration caused the application to failed, so security researchers ran the Configuration Assistant in debug mode, which ignored the changes made in the Migration Assistant tool.

See also  2,000-year-old 'perfectly preserved' mummy still has internal organs intact

At this point, the researchers created a small 1 GB Time Machine backup containing malware, before creating an AppleScript that carried the malware and interacted with the Migration Assistant interface without the user being aware.

You don’t need to worry about the exploit if your Mac is running the latest version of macOS Ventura, macOS Monterey 12.6.6, or macOS Big Sur 11.7.7, released on May 18, as they all contain a patch. You can install the latest version of macOS by going to System Settings > General > Software Update.

Categories: Trending
Source: englishtalent.edu.vn

Leave a Comment