Tech 

Microsoft discovers vulnerability in macOS systems

Microsoft has discovered a security flaw in macOS. With it, it was possible to bypass the Gatekeeper mechanism, which protected against the installation of unauthorized applications. Apple fixed the vulnerability very quickly.

Microsoft announced on its website that on July 27, 2022, it discovered a vulnerability in macOS. Thanks to it, criminals could bypass the application execution restrictions imposed by the Gatekeeper mechanism. It is designed to check if programs are reliable. The Redmond company created an exemplary exploit, thanks to which it demonstrated to Apple the potential danger.

Achilles – because that’s the name Microsoft gave to the vulnerability – was created by Apple deleted very quickly. The website of the company responsible for the “windows” indicates that “Fixes for the vulnerability, now identified as CVE-2022-42821, were promptly released by Apple for all of its operating system versions.”

Goalkeeper with a weak point

Cupertino’s corporate security system is designed to check whether installed apps are trusted by it. If not, the user is notified with an alert.

Photo. Microsoft

Achilles allows special payloads (fragments of data) to abuse a logical fallacy. We read on BleepingComputer that this happens “to set restrictive access control list (ACL) permissions that prevent web browsers and web downloaders from setting the com.apple.quarantine attribute for downloaded payloads archived as ZIP files.” This is how malware bypasses the Gatekeeper security system. Before this type of error even lock mode does not protectwhich is intended for users who are particularly vulnerable to advanced attacks.

In such situations, it remains only to look carefully at the applications that we install. There is no system in the world that cannot be broken. Even the best-protected operating system may not protect against an attack. That’s why your best defense is common sense and mindfulness when browsing the Internet and installing programs.

Also check:

GOG Winter Sale – over 4,500 games at lower prices. There will be free titles!

References: 1, 2

Related posts

Leave a Comment