thanks to Microsoft, macOS users miss a big vulnerability

If you are a macOS user and your system is not up to date, do this quickly, your security is at stake. Microsoft has discovered a flaw in Apple’s OS, and the patch has already been released.

MacBook on a table

If there was a time when Apple and Microsoft were two absolute enemies, this is no longer true at all in 2022. Jonathan Bar Or, a computer security researcher from the Redmond giant, found a flaw in macOS, and immediately reported it to Apple technicians. CE bug affects macOS Ventura, macOS Big Sur (11.7.2), macOS Monterey (12.6.2).

The flaw named Achilles and followed theidentifier CVE-2022-42821, exploits a bug in GateKeeper, a macOS security mechanism that allows apps to be downloaded before allowing them to run. When the user downloads a file on the Web, GateKeeper applies that its code has been approved by Apple, and asks for confirmation from the Internet user. Hackers can fool GateKeeper by preventing it from adding a file to the ACL (Access Control List), a list of files to place in quarantine if they are of questionable origin.

Microsoft discovery saves Mac users big headaches

By bypassing GateKeeper’s quarantine, cybercriminals can download and accuse malicious code to the target computer. According to Microsoft, the controls put in place by Apple, including Isolation modewhich when enabled raises the security level of macOS to its maximum to protect users from the most sophisticated attacks, are useless against Achilles.

macOS users like to say that they are less prone to attacks and viruses because their operating system is more secure. As this new flaw proves, the GateKeeper functionality is far from being a guarantee of security. Thanks to Microsoft’s help, Apple teams were able to create a patch against Achilles. It is strongly recommended to apply it as soon as possible if you use a Mac. The engineers of the Redmond firm add: “Users should apply the patch regardless of their Isolation mode status”.

Source: Microsoft

Leave a Comment