Since long Mac has a reputation as being one of the most secure personal computing machine. The company directs a lot of its resources to make macOS impregnable. Recently a family of malware managed to bypass macOS newly introduced security.Apparently, the Mac malware has been exploiting the vulnerability for long. Today Apple has launched macOS 11.3, and it arrives with a fix for the notorious Shlayer malware.
Apple told TechCrunch it fixed the bug in macOS 11.3. Apple also patched earlier macOS versions to prevent abuse and pushed out updated rules to XProtect, macOS’ in-built anti-malware engine, to block malware from exploiting the vulnerability.
Mac Security researcher Patrick Wardle said the bug owes its existence to an underlying code in macOS. To be more precise, due to the bug, macOS was wrongly classifying some apps and skipping security checks. The security researcher’s proof of concept demonstrates how the custom app bypassed macOS security and run unhindered.
macOS apps contain a bundle of files with different functionality. The property list or plist file contains the location of all the files. Owens tinkered with the property list file and tricked macOS into opening the bundle and running the code within without any warnings to the user. It is good to know that Apple has finally patched the issue on macOS 11.3.
macOS Bug Sur 11.3 update arrives with a series of new features and fixes for M1 Mac. Apart from the malware, Apple has fixed the Bluetooth and external monitor issues. Check out all the new macOS Big Sur 11.3 features.
[via TechCrunch]