Gatekeeper, the system macOS uses to authenticate applications, has a vulnerability. Malware may have been injected without any warning. Here are the details.
A new, serious security hole has been discovered in macOS. Microsoft cybersecurity researcher Jonathan Bar Or identified the problem. The specifics of the vulnerability are covered in a Microsoft Security Threat Intelligence blog post published on Monday, December 19.
Microsoft discovers a security flaw in macOS
The flaw, CVE-2022-42821, which they have called “Achilles” since July 27, 2022, makes it possible to get around Apple’s Gatekeeper protection. Gatekeeper is a program created by Apple that verifies software downloaded from the internet.
According to a statement by Apple on its website, “when you install Mac programs, add-ons, and installers that aren’t from the App Store, macOS validates the developer’s ID signature to make sure the product is from an identified source and hasn’t got modifications”. This protects the user against downloading viruses and other harmful software.
Jonathan Bar Or demonstrates the recently found weakness with a PoC, or proof of concept (a prototype). He was able to create a program that prevents a file from adding to the ACL (Access Control List). The program downloaded through the browser was then no longer marked as “unverified,” and it could subsequently be installed without encountering any problems.
By using this method, hackers might be able to spread malware without Gatekeeper being able to determine where it came from and who developed it.
An update is already available
The Apple teams were aware of the problem at that time, and a rapid security update was made available. According to our colleagues at BleepingComputer, the bug was fixed on December 13th in macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 11.7.2 (Big Sur).
This kind of zero-day flaw is supposed to be stopped by Lockdown Mode, which Apple created and included in macOS Ventura. However, according to researchers at Microsoft Security Threat Intelligence, the computer is not immune to the “Achilles” flaw. The experts advise end users to apply the patch regardless of whether Lockdown Mode is activated. Apple says that it has fixed the problem with improved checks.
macOS security flaws by year
| Year | Security flaws |
| --- | --- |
| 2022 | 93 |
| 2021 | 332 |
| 2020 | 314 |
| 2019 | 308 |
| 2018 | 110 |
| 2017 | 308 |
| 2016 | 218 |
| 2015 | 407 |
| 2014 | 132 |
| 2013 | 69 |
| 2012 | 40 |
| 2011 | 79 |