
CVE-2022-42821: macOS Gatekeeper Vulnerability Discovered by Microsoft

A dangerous new vulnerability has been discovered in macOS. The vulnerability, tracked as CVE-2022-42821, could allow a malicious actor to gain full control of a macOS system.

CVE-2022-42821: What Is Known So Far?

Microsoft recently discovered a major security vulnerability in macOS Gatekeeper, a system-level security feature on Macs. Tracked as CVE-2022-42821, the vulnerability could allow malicious code to bypass Gatekeeper’s protections on a Mac without the user’s knowledge.

“On July 27, 2022, Microsoft discovered a vulnerability in macOS that can allow attackers to bypass application execution restrictions imposed by Apple’s Gatekeeper security mechanism, designed to ensure only trusted apps run on Mac devices. We developed a proof-of-concept exploit to demonstrate the vulnerability, which we call ‘Achilles’. Gatekeeper bypasses such as this could be leveraged as a vector for initial access by malware and other threats and could help increase the success rate of malicious campaigns and attacks on macOS,” Microsoft shared in their report.




What Is Gatekeeper?

Gatekeeper is a feature that was introduced in Mac OS X Lion in 2011 and is designed to prevent applications from running on the system if they are not from a verified source. It works by checking whether an application's signature is valid. If the signature is invalid, Gatekeeper blocks the application from running.

However, the vulnerability discovered by Microsoft allows malicious code to bypass Gatekeeper’s signature verification. The vulnerability is due to a flaw in the handling of applications that have a valid signature but are not from a verified source. This means that attackers can create malicious applications that appear to be from a legitimate source and bypass Gatekeeper’s protections.

Fortunately, Apple has already issued a patch for this vulnerability. All macOS users should make sure they have installed the latest version of Apple’s operating system so that the patch is applied. Additionally, users should always make sure they are running the latest version of their applications and regularly apply security updates from their software vendors.

Previous macOS Vulnerabilities

Another recently detected vulnerability in Apple’s OS is CVE-2022-32917. Reported anonymously, the zero-day flaw could allow malicious applications to perform arbitrary code execution attacks with kernel privileges.

Milena Dimitrova
