Bug that let malicious files slip past defenses now fixed in Big Sur 11.3 Share
Copy
Apple has released macOS 11.3, fixing a serious flaw that allowed an attacker to sneak malicious files past the operating system s Gatekeeper security mechanism.
Gatekeeper is one of the primary macOS defenses against the installation of malware, explained Cedric Owens, the security researcher who found the bug, in a message to
The Register.
The vulnerability, he said, lets an attacker rig a malicious file so it won t get blocked by Gatekeeper when a user tries to open it. He considers it to be one of the most dangerous he s encountered on recent versions of macOS.
Apple in macOS Big Sur 11.3 fixed a bug that could have allowed attackers to bypass the Mac s security mechanisms with a malicious document.
The software flaw allowed attackers to create a malicious application that could masquerade as a document,
TechCrunchreported Monday. Security researcher Cedric Owens first discovered the bug in March.
According to Owens, all the user would need to do is double click and no macOS prompts or warnings are generated. The researcher created a proof-of-concept app that exploited the flaw to launch the Calculator app.
Although Owens demonstration app was harmless, a malicious attacker could have leveraged the vulnerability to remotely access sensitive data or other information on a user s machine by tricking them into clicking a spoofed document.
Update Your Mac Now: The Worst Hack In Years Hits Apple Computers forbes.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from forbes.com Daily Mail and Mail on Sunday newspapers.