macOS Mojave Privacy Bypass Flaw Allows Access To Protected Files
(Sep 24, 2018)
Security researcher Patrick Wardle discovered a zero-day vulnerability in the new macOS Mojave update that could allow unauthenticated applications to bypass authorisation. The implementation of the new update’s “dark-theme” contains a flaw that could allow a malicious or untrusted application to bypass the new security mechanism and access sensitive details. According to Wardle, this bypass does not work for all of the new update’s privacy protection features, and certain hardware features like the webcam are not affected by this vulnerability. At the time of writing, Apple has not recognised the vulnerability and a patch has yet to be released.
Recommendation: As is often the case with the first version of a brand-new update, it is best to postpone updating Mac machines to this new operating system until Apple patches this vulnerability and releases a later version. First versions (0.1) often have many kinks to work through before improved and more secure versions are released, so it is typically recommended to wait until absolutely necessary before upgrading to a new system version.