Microsoft Discovered a Major Security Vulnerability in macOS: How Hackers Are Bypassing Apple’s Gatekeeper


What is it:

Microsoft recently discovered a vulnerability in Apple’s Gatekeeper security mechanism that could allow malicious apps disguised as legitimate ones, such as a Flash Player installer or a PDF file, to bypass Gatekeeper’s checks, putting a user’s device at risk of malware infection, data loss, or even ransomware.

Apple’s Gatekeeper is a security feature in macOS that helps protect users from running malicious software. It verifies the identity and reputation of apps before they run on a user’s Mac. When an app is downloaded from the internet or transferred from another device, Gatekeeper checks it for a valid signature from a registered developer. If the app is unsigned or its signature is invalid, Gatekeeper blocks it from opening and shows the user a warning. Gatekeeper also checks apps against a list of known malware, and it lets users choose which kinds of apps to allow on their Mac: only apps downloaded from the Mac App Store, or also apps signed by a developer with a valid Developer ID.

Who does it apply to?

At the time of writing, the affected macOS versions were:

  • macOS Monterey
  • macOS Big Sur

What should you do about it?

  • Apple has addressed this flaw with security updates. To protect your device, install the macOS updates provided by Apple.
  • It is always recommended to keep your OS updated.
  • To protect yourself from this flaw, only download and install applications from trusted and verified sources. This prevents cybercriminals from exploiting the flaw by installing malicious apps without your knowledge.
  • If you believe you have installed an application from an unverified source, uninstall it as soon as possible.
  • Run a full malware scan of the machine.

Technical Details

When you install an app on macOS, a security feature called Gatekeeper normally checks that it carries a valid signature approved by Apple. If the app passes this check, macOS asks for your permission before launching it. If the app does not have a genuine signature, Gatekeeper blocks it from running and warns you that the app is untrusted.

This flaw bypasses Gatekeeper’s verification of an app’s authenticity, so a potentially malicious app can be installed on your Mac without your knowledge. Such an app could compromise the machine and carry out harmful activity such as data theft, ransomware, spying, or credential stealing.
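As an added example that is not from the original post (nor from Microsoft or Apple), the following POSIX shell script shows the three checks a defender can run on a downloaded app bundle to see whether Gatekeeper actually assessed it: whether the com.apple.quarantine extended attribute is present (Gatekeeper only assesses quarantined files, so a download that lacks the attribute was never checked), whether codesign verifies the signature, and whether spctl accepts the app. The quarantine attribute’s field layout (flags;hex timestamp;downloading agent;uuid) is an assumption based on common observation, and /path/to/Downloaded.app is a placeholder. The decoding and verdict functions run on any system; the triage_app wrapper needs macOS.

```shell
#!/bin/sh
# Added triage helper, not code from the original post or from Microsoft/Apple.
# Gatekeeper only assesses files that carry the com.apple.quarantine extended
# attribute, so a downloaded app without it was never checked. This script:
#   1. decodes the quarantine attribute value (assumed layout, as commonly
#      observed: flags;hex-timestamp;downloading-agent;uuid)
#   2. combines the three facts a defender cares about into a verdict
#   3. on macOS, gathers those facts with xattr, codesign and spctl
# The path /path/to/Downloaded.app used below is a placeholder.

# Decode a quarantine value such as "0083;6367a4e1;Safari;<uuid>".
# Prints "flags=<hex> downloaded=<unix-seconds> agent=<name>" and returns 0;
# returns 1 when fewer than three fields or a non-hex timestamp is found.
quarantine_decode() {
    old_ifs=$IFS
    IFS=';'
    set -f                      # no pathname expansion while splitting
    set -- $1
    set +f
    IFS=$old_ifs
    [ $# -ge 3 ] || return 1
    case $2 in
        ''|*[!0-9a-fA-F]*) return 1 ;;   # timestamp must be hexadecimal
    esac
    printf 'flags=%s downloaded=%s agent=%s\n' "$1" "$((0x$2))" "$3"
}

# Combine the facts Gatekeeper weighs into a verdict. Each argument is "yes"
# or "no": was the file quarantined, does its signature verify, did spctl
# accept it. Prints the reason and returns 0 only for a trusted file.
gatekeeper_verdict() {
    quarantined=$1; signed=$2; accepted=$3
    if [ "$quarantined" != yes ]; then
        echo "UNTRUSTED: no quarantine attribute, Gatekeeper never assessed this file"
        return 1
    fi
    if [ "$signed" != yes ]; then
        echo "UNTRUSTED: code signature missing or invalid"
        return 1
    fi
    if [ "$accepted" != yes ]; then
        echo "UNTRUSTED: Gatekeeper assessment rejected this file"
        return 1
    fi
    echo "TRUSTED: quarantined, signed and accepted by Gatekeeper"
    return 0
}

# On macOS, gather the three facts for an app bundle and print the verdict.
# Returns 2 when the macOS tools are not available.
triage_app() {
    app=$1
    command -v xattr >/dev/null 2>&1 || { echo "xattr not available; run on macOS"; return 2; }
    if q=$(xattr -p com.apple.quarantine "$app" 2>/dev/null); then
        quarantined=yes
        quarantine_decode "$q" || echo "quarantine attribute present but in an unexpected format: $q"
    else
        quarantined=no
    fi
    if codesign --verify --deep --strict "$app" >/dev/null 2>&1; then signed=yes; else signed=no; fi
    if spctl --assess --type execute "$app" >/dev/null 2>&1; then accepted=yes; else accepted=no; fi
    gatekeeper_verdict "$quarantined" "$signed" "$accepted"
}

# Usage on a Mac (placeholder path): sh triage.sh /path/to/Downloaded.app
if [ $# -gt 0 ]; then
    triage_app "$1"
fi
```

The verdict deliberately treats a missing quarantine attribute as untrusted rather than neutral: an app that reached the machine without the attribute was never shown to Gatekeeper, which is exactly the situation a signature-bypass flaw produces, so it deserves the same scrutiny as an app that failed the check.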


