The ‘Achilles heel’ of macOS; a new critical security flaw reported by Microsoft.
Jonathan Bar Or, Microsoft’s principal security researcher, discovered and reported a flaw within macOS’s systems that allowed vulnerabilities which hackers might have been able to exploit.
The bug, (CVE-2022-42821), which could have allowed malware and untrusted applications bypass execution restrictions, has been named Achilles.
Mac devices are built in with Gatekeeper, a security feature that checks apps downloaded from the internet automatically. It reviews whether the apps or downloads are reviewed and approved by Apple. It also performs a check with the user to confirm launching as well as letting users know if the app is untrusted.
The bug, Achilles, abused flaws that allowed apps and downloads to be launched automatically without being reviewed by Gatekeeper. Hackers would have been able to use this flaw to launch malware within systems without user knowledge. This is not the first Gatekeeper bypass either. Multiple others have been discovered in the last few years by researchers.
Lockdown Mode, a new security feature introduced by Apple recently, has been determined to not be effective against Achilles.
“Apple’s Lockdown Mode, introduced in macOS Ventura as an optional protection feature for high-risk users that might be personally targeted by a sophisticated cyberattack, is aimed to stop zero-click remote code execution exploits, and therefore does not defend against Achilles.”
encouraged to keep their devices up to date on upgrades in order to remain as protected as possible from hackers and vulnerabilities.
Apple has since addressed and patched the vulnerability on macOS 13, 12.6.2, and 1.7.2 (Ventura, Monterey, Big Sur.)
All macOS users are encouraged to keep their devices up to date on upgrades in order to remain as protected as possible from hackers and vulnerabilities.
Don’t think it can’t happen to you and fall victim to a data breach or cybersecurity risk. We at Motiva Networks can help you make a plan and see if your data has been compromised with a Free Confidential Cybersecurity Risk Assessment.