A Bypass Flaw in macOS Mojave Allows for Access of Protected Files

BY Evan Selleck

Published 24 Sep 2018

A bypass flaw has been discovered in macOS Mojave

Apple released macOS 10.14 Mojave out into the public earlier today, but a newly discovered bypass flaw in the desktop software has already been discovered.

BleepingComputer has the report out on Monday, following along with discoveries made by researcher Patrick Wardle. The bypass is facilitated by an unprivileged app, which allows Wardle to access information pertaining to Contacts data. There is a minute-long clip of the bypass in action, which you can watch at the bottom of this article.

“…Wardle says that he was able to access the confidential user contacts via an unprivileged app, meaning that it did not run with administrator permissions.

He says that the zero-day vulnerability stems from the way Apple implemented the protections for various privacy-related data.

“I found a trivial, albeit 100% reliable flaw in their implementation,” he told us, adding that it allows a malicious or untrusted app to bypass the new security mechanism and access the sensitive details without authorization.”

Wardle is planning on sharing technical details regarding the bypass in November, and, as such, those details, along with others, are not known at the time of this publication. Wardle does note that the bypass does not work with all of the new security measures that Apple included with macOS Mojave, and some physical equipment, including webcams, cannot be bypassed.

The report does not indicate if Apple has already confirmed it will be working on a fix, but it stands to reason the company is already planning on a subsequent software update to address the issue. If that is indeed the case, it would more than likely be a minor software update coming down the pipe.

[via BleepingComputer]