A Software Bug Let Malware Bypass macOS' Security Defenses
Monday April 26, 2021. 09:24 PM , from Slashdot
But security researcher Cedric Owens said the bug he found in mid-March bypasses those checks and allows a malicious app to run. Owens told TechCrunch that the bug allowed him to build a potentially malicious app to look like a harmless document, which when opened bypasses macOS' built-in defenses when opened. 'All the user would need to do is double click -- and no macOS prompts or warnings are generated,' he told TechCrunch. Owens built a proof-of-concept app disguised as a harmless document that exploits the bug to launch the Calculator app, a way of demonstrating that the bug works without dropping malware. But a malicious attacker could exploit this vulnerability to remotely access a user's sensitive data simply by tricking a victim into opening a spoofed document, he explained.
Read more of this story at Slashdot.
May, Wed 12 - 15:23 CEST