Microsoft Discloses ‘Powerdir’ Vulnerability, Fixed in macOS Monterey 12.1 Update

BY Chandraveer Mathur

Published 10 Jan 2022

macOS Monterey 12.1

If you haven’t updated to macOS Monterey 12.1, we suggest you do so immediately. The update contains a patch for a vulnerability that Microsoft’s 365 Defender Research Team has discussed at length now.

Apple patched the “Powerdir” macOS vulnerability with the macOS 12.1 update. It is uniquely identifiable by the tag “CVE-2021-30970” Users who haven’t updated face risk from attackers who could use the flaw to bypass Transparency Consent protocols and access confidential user data without requisite authorization.

Microsoft explains that the Powerdir flaw could allow bad actors to plant proxy TTC databases that enable the reconfiguration of privacy settings and complete access to the Mac’s storage. If bad actors gain control of proxy TTC databases, they could configure them to access the victim’s personal data by hijacking installed apps or installing their malicious tools.

The vulnerability allows unauthorized access to the Mac’s camera, screen, and microphone as well. Apple credited Microsoft with discovering this vulnerability in the changelog for macOS Monterey 12.1. Microsoft says it continues to monitor the threats that could affect Windows devices and macOS. The company’s security team wrote:

“During this research, we had to update our proof-of-concept (POC) exploit because the initial version no longer worked on the latest macOS version, Monterey. This shows that even as macOS or other operating systems and applications become more hardened with each release, software vendors like Apple, security researchers, and the larger security community need to continuously work together to identify and fix vulnerabilities before attackers can take advantage of them.”

So, if you haven’t already updated to macOS Monterey’s latest version, we suggest you do so at your earliest convenience.

[Via Microsoft]