The Achilles vulnerability, discovered by Microsoft, and combined by Apple in recent macOS Ventura, Monterey, and Big Sur updates.
Those who haven’t updated their Mac computer to the latest version of Ventura, Monterey or Big Sur, should hurry to do so. Indeed, a nasty bug discovered by Microsoft and fixed in updates released by Apple last week could be used by an attacker to bypass the manufacturer’s strict security protections and install malware on Mac computers.
On a security blog, Microsoft explained how the Achilles vulnerability was exploited. Basically, this one uses a macOS file format called AppleDouble that includes ACLs with restrictive permissions to trick Gatekeeper, a macOS feature that prevents the installation of faulty software. Once Gatekeeper is bypassed, software installation can proceed without the user being notified or prevented by any part of the system, even in Isolation or Lockdown mode. Microsoft points out that because Apple’s new Lockdown Mode aims to stop zero-click remote code execution exploits, it’s defenseless against the Achilles vulnerability.
The Achilles flaw fixed in macOS Ventura as of October 2022
Registered in the National Vulnerability Database under the reference CVE-2022-42821, the Achilles flaw was discovered by Microsoft last July. It is customary for vulnerability discoverers to disclose their findings after patches are released. What Microsoft did by posting a proof-of-concept demo video for Achilles can be viewed here. According to Apple’s security notes accompanying the release of macOS Ventura that shipped in October, Achilles has been fixed. But the mention of the correction was not in the original version of the notes and was only added on December 13. Apple also fixed Achilles in macOS Monterey and Big Sur in updates released last week.
It was in 2012, with Mac OS X Mountain Lion, that Apple introduced the Gatekeeper function in its system. Since then, a few security vulnerabilities have been patched (Microsoft’s blog lists six recent vulnerabilities in addition to Achilles). Even though Gatekeeper is an important feature to protect the Mac, it is not perfect. This is one more reason why it is always best to install the latest operating system updates as soon as possible.