The bug was given the common vulnerabilities and exposures (CVE) reference CVE-2021-30657 in Apple security notes, where it is described as a “logic issue” that could allow “a malicious application bypass Gatekeeper checks”. In a long technical blog post, fellow security researcher Patrick Wardle said the bug “trivially bypasses many core Apple security mechanisms, leaving Mac users at grave risk” and that “malware authors are already exploiting it in the wild as an 0day”. The bug was uncovered by security researcher Cedric Owens, who reported it to Apple. Apple Mac users are being urged to update to macOS Big Sur 11.3, released today, which patches a “massively bad” vulnerability that could allow malware to bypass layered protections built into the operating system.
0 Comments
Leave a Reply. |