Jamf details scary iCloud flaw that was exploitable until this fall

Macworld

Jamf on Tuesday revealed the details of an iCloud vulnerability that was fixed with the release of iOS 18, iPadOS 18, and macOS 15 Sequoia. The vulnerability involved the Transparency, Consent, and Control (TCC) subsystem, and when successfully exploited, would allow an app to access contact information, GPS locations, photos, are other sensitive data.

The TCC in iOS, iPadOS, and macOS alerts the user when an app wants to access sensitive data; the user can then grant or deny access. In this instance, the vulnerability allows a malicious app to intercept and redirect the files when a user moves or copies files from the Files app, without alerting the user that the app is accessing the data. The files are then saved to an area defined by the malicious app and can be moved to a remote server. This vulnerability was recorded as CVE-2024-44131 in the National Vulnerability Database.

Apple provided a fix when it released iOS 18, iPadOS 18, and macOS 15 Sequoia. Apple also released security updates in macOS Sonoma 14.7.1, iOS 17.7.1, and iPadOS 17.7.1 on October 28 (the same day iOS 18, iPadOS 18, and Sequoia were released), but the release notes for those updates do not include any notation for CVE-2024-44131, nor do the iOS and iPadOS 17.7.2 updates, which released on November 19. It appears that in order to patch this hole, users must upgrade to the current versions of the operating systems.

How to protect yourself from hacker attacks

Apple has protections in place within its operating systems and the company releases security patches through OS updates, so it’s important to install them when they are available.

Macworld has several guides to help, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and trojans, and a comparison of Mac security software.