![]() ![]() The bug meant that macOS was misclassifying certain app bundles and skipping security checks, allowing Owens’ proof-of-concept app to run unimpeded. In a technical blog post today, Wardle explained that the vulnerability triggers due to a logic bug in macOS’ underlying code. Owens asked Mac security researcher Patrick Wardle to investigate how - and why - the bug works. Apple also patched earlier macOS versions to prevent abuse, and pushed out updated rules to XProtect, macOS’ in-built anti-malware engine, to block malware from exploiting the vulnerability. (Image: supplied)įearing the potential for attackers to abuse this vulnerability, Owens reported the bug to Apple.Īpple told TechCrunch it fixed the bug in macOS 11.3. The proof-of-concept app disguised as a harmless document running on an unpatched macOS machine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |