Apple has fixed a flaw in macOS discovered by Microsoft and capable of playing Isolation mode

Last July, teams of Microsoft security researchers pinpointed the CVE-2022-42821 flaw. (also referred to by its small name of Achille) also allowing bypassing the Gatekeeper security mechanism put in place by Apple, but the Isolation mode (Lockdown in VO) introduced with macOS Ventura.

CVE-2022-42821 aka Achilles flaw

The Microsoft 365 Defender Research Team warned Cupertino in the aftermath which was then deployed fixes needed with macOS Ventura 13.1, Monterey 12.6.2, and Big Sur 11.7.2 updates on December 13. Microsoft has released a detailed blog post on the Achilles flaw, the latter relying on the modification of a file (via the AppleDouble and ACL mechanisms) deceiving Gatekeeper and preventing the system from warning the user of the danger potential . Updates to the last three versions of macOS provide protection against this type of attack, and are therefore recommended for all users.

Gatekeeper and Isolation mode aren’t foolproof

No security system is truly tamper-proof, and Gatekeeper has been bypassed many times in the past. The Microsoft 365 Defender Research Team was also inspired by previous flaws, particularly those that prevent the system from assigning a file the quarantine attribute (, in order to set up Achilles. As a reminder, the Isolation mode of iOS 16, iPadOS 16 and macOS 13 Ventura was designed to protect people (politicians, opponents of the system, journalists) who could be the target of disabled attacks (often very disabled and accelerated by states). For this, the mode blocks attachments, active links and images within Mail and Messages, requests that have not been initiated by users, or even connections when the device is locked.

The editor recommends:

Leave a Comment