BUG Mac OS
BUG Mac OS
Written by
The latest release of MacOS Catalina has not addressed a bug in Apple’s Mail application.It’s a bug that reaches back to 2016 and the launch MacOS 10.12 Sierra, and it is continuing to cause. https://norequiredfreedeposityqebonus-meet.peatix.com. Licious vs the bread mac os. Mac users urged to update OS to fix 'massively bad' bug UnitingCare Queensland hit by cyber attack Telstra, Optus, TPG drop $650m on ultra-fast 5G spectrum at auction.
Wardle told CyberScoop that “it has the potential to be the most impactful bug to everyday macOS users.” The issue existed due to a logic bug that made it so hackers could target users with malicious applications that bypass Apple ’s efforts to block bad applications, according to Wardle. Owens asked Mac security researcher Patrick Wardle to investigate how — and why — the bug works. In a technical blog post today, Wardle explained that the vulnerability triggers due to a logic. A serious security bug, with the identifier CVE-2021-30657, has recently been publicized and patched. However, it has been used in the wild since early January and affects devices with macOS version 10.15 to 11.2 but has been patched as of 11.3.
Written byApple has been working for years to protect users from bad applications and developers seeking to exploit unsuspecting users and target them with malware. But hackers recently found a workaround that circumvents even the latest MacOS protections and have been exploiting the flaw, according to researchers.
Apple released MacOS Big Sur 11.3 Monday, an update which contains a security update meant to fix the issue, an Apple spokesperson told CyberScoop. Security researcher Cedric Owens originally found the problem, present in MacOS Catalina 10.15 and MacOS Big Sur, in March. Security researcher Patrick Wardle — who also investigated the flaw — said it allowed hackers to get past Apple’s various methods of keeping bad code from users, such as Gatekeeper, File Quarantine or its application notarization review process.
Big Mac Salad
All users had to do was double click when presented with a seemingly benign document, a .dmg file, and the hackers then could have remote access to victims’ machines, Owens wrote to CyberScoop.
This “is the most dangerous macOS phishing payload that I have encountered to date given that the victim has only to: 1. extract the .dmg or .zip file, and 2. double click the payload,” Owens said. “Gatekeeper and other macOS security mechanisms did not alert the user and so there is no indication of malware infection.”
Wardle told CyberScoop that “it has the potential to be the most impactful bug to everyday macOS users.”
The issue existed due to a logic bug that made it so hackers could target users with malicious applications that bypass Apple’s efforts to block bad applications, according to Wardle. The issue made it so malicious applications would be mischaracterized and hit users without any alerts that a bad app had infiltrated victims’ machines, Wardle said in a blog about the research Monday.
Despite all of Apple’s work to protect users from malware, the workaround put macOS users back to security levels present in approximately 2007, Wardle said.
“Basically macOS security (in the context of evaluating user launched applications, which recall, accounts for the vast majority of macOS infections) was made wholly moot,” Wardle wrote in the blog.
Hackers already took note in recent months of the issue and have been running a campaign targeting MacOS users with a version of Shlayer malware, security researchers at Jamf revealed in a blog published Monday. The hackers have been using the vulnerability — packaging their malware as an application that is unnotarized and unsigned to bypass the protections — since at least January, according to Jamf.
The update, however, should now make it so that untrusted and uncategorized applications will be blocked.
“Though this bug is now patched, it clearly (yet again) illustrates that macOS is not impervious to incredibl[y] shallow, yet hugely impactful flaws,” Wardle said. Bahamian rhapsody mac os.
It’s just the latest issue that Apple has had to grapple with in the last several weeks. Earlier this month researchers revealed they found a flaw that was leaking email addresses from Apple’s AirDrop.
Big Mac Os
-In this Story-
Apple, MacOS, vulnerabilities, vulnerability disclosureBUG Mac OS