Trending

Stories

Microsoft Researchers Help Apple Fix a Critical MacOS Bug

Must Read

Apple has fixed a security bug in its macOS software after Microsoft researchers alerted the iPhone maker about the vulnerability that could be used by hackers.

Microsoft discovered the vulnerability in macOS that could allow an attacker to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device.

Also Read

The bug allowed a potential attacker to install a hardware interface that allows them to “overwrite system files, or install persistent, undetectable malware”.

“We also found a similar technique that could allow an attacker to elevate their privileges to root an affected device. We shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR),” Microsoft 365 Defender Research Team said in a statement.

In its latest security update, Apple issued a fix for this vulnerability, now identified as CVE-2021-30892.

SIP is a security technology in macOS that restricts a root user from performing operations that may compromise system integrity.

” We found that the vulnerability lies in how Apple-signed packages with post-install scripts are installed. A malicious actor could create a specially crafted file that would hijack the installation process,” the Microsoft researchers noted.

After bypassing SIP’s restrictions, the attacker could install a malicious kernel driver (rootkit), overwrite system files, or install persistent, undetectable malware.

As networks become increasingly heterogeneous, the number of threats that attempt to compromise non-Windows devices also increases.

The company said that Microsoft Defender for Endpoint on Mac enables organizations to gain visibility and detect threats on macOS devices.

“This research underscores the importance of collaboration among security researchers, software vendors, and the larger security community,” Microsoft added.

Stay updated

Subscribe to our newsletter and never miss an update on the latest tech, gaming, startup, how to guide, deals and more.

Latest

Stories

- Advertisement -
- Advertisement -

Latest

Grow Your Business

Place your brand in front of tech-savvy audience. Partner with us to build brand awareness, increase website traffic, generate qualified leads, and grow your business.

- Advertisement -

Related

- Advertisement -
- Advertisement -
Nothing Phone (2) Confirmed for India Production Fitbit Integration with Google Accounts Begins Xiaomi 13 Ultra Global Launch: Offers, Price, Specs Meta Unveils Quest 3 VR Headset, Reduces Price for Quest 2 Foxconn to Manufacture iPhones in Karnataka, India: Creating 50,000 Jobs Amazon Echo Pop: Stylish Semi-Sphere Smart Speaker in India Redmi Display A27: Affordable 27 Inches Monitor with 100Hz Refresh Apple Music Classical App Now Available on Android WhatsApp’s Companion Mode: Same Account, Multiple Devices Nvidia & MediaTek Collaborate on Connected Car Tech
Nothing Phone (2) Confirmed for India Production Fitbit Integration with Google Accounts Begins Xiaomi 13 Ultra Global Launch: Offers, Price, Specs Meta Unveils Quest 3 VR Headset, Reduces Price for Quest 2 Foxconn to Manufacture iPhones in Karnataka, India: Creating 50,000 Jobs Amazon Echo Pop: Stylish Semi-Sphere Smart Speaker in India Redmi Display A27: Affordable 27 Inches Monitor with 100Hz Refresh Apple Music Classical App Now Available on Android