Researcher detects vulnerability in macOS for a malware

People are currently reading this guide.

Researcher detects vulnerability in macOS for a malware
Image Credits: The Hacker News
Consider this potential vulnerability if you open an application on Mac: security researchers have found a way for malware makers to avoid protecting the drivers of Mac OS access to execute malicious code.

Filippo Cavallarin details the security weaknesses on its website and explains how it works with Gatekeepers, a feature that encourages users to confirm that they want to install applications outside the Mac App Store.

The solution lies in how macOS handles network sharing and treats them as a secure system: the system may have to open files from zip files that contain malicious code. In theory, potential hackers can execute the code of their choice.

Although vulnerabilities still require someone to open zip files and trust the files they contain to function, this seems to be an effective way to avoid the protection of the Gatekeeper.

90 days delay
Cavallarin said he talked about a problem with Apple 90 days ago and was convinced that the problem was resolved. However, it seems that the latest MacOS 10.14.5 is still vulnerable.

"This problem must be resolved, according to the supplier, on May 15, 2019, but Apple started sending me emails," Cavallarin said. "Because Apple knows the deadline for publishing my 90 days, I will make this information public."

So far, Apple hasn't responded to Cavallarin's report, so we don't know when the vulnerability will be fixed (or whether it will function exactly as Cavallarin said in the report).

This is a reminder to handle all incoming files with suspicion, regardless of the operating system you are using, especially if they have the ability to run code on your computer.

You have our undying gratitude for your visit!