thanks to Microsoft, macOS users are missing out on a major vulnerability

If you are a macOS user and your system is not up to date, you need to perform this action quickly, your security is at stake. Microsoft has discovered a bug in Apple’s OS and the patch has already been released.

MacBook on a table

If there was a time when Apple and Microsoft were two absolute enemies, this is no longer true at all in 2022. Jonathan Bar Or, a computer security researcher from the Redmond giant, found a bug in macOS and immediately reported it to Apple engineers. This bug affects macOS Ventura, macOS Big Sur (11.7.2), macOS Monterey (12.6.2).

The error named Achilles and followed belowidentifier CVE-2022-42821, exploits a flaw in GateKeeper, a macOS security mechanism that checks downloaded apps before allowing them to run. When the user downloads a file from the web, GateKeeper verifies that its code has been approved by Apple and prompts the user for confirmation. Hackers can fool GateKeeper by preventing it from adding a file to the Access Control List (ACL), a list of files to be quarantined if they are of questionable origin.

Microsoft discovery saves Mac users a big headache

By bypassing GateKeeper’s quarantine, cybercriminals can download and deploy malicious code to the target computer. According to Microsoft is controls put in place by Apple, including isolation modewhich, when enabled, raises the security level of macOS to its maximum to protect users from the most sophisticated attacks, is useless against Achilles.

macOS users like to say that they are less prone to attacks and viruses because their operating system is more secure. As this new bug proves, the GateKeeper functionality is far from a guarantee of security. Thanks to Microsoft’s help, Apple teams were able to create a patch against Achilles. It is strongly recommended to apply it as soon as possible if you are using a Mac. The engineers from the Redmond company add: “users should apply the patch regardless of their quarantine status”.

Source: Microsoft

Leave a Comment