A dangerous security flaw discovered in macOS

“There are no viruses on Apple computers running macOS.” This received idea, someone has probably already told you on occasion. Apple’s ecosystem being particularly closed in on itself, hackers and malicious developers would simply not be able to create viruses for Macs as they manage to do on Windows.

This misconception is half true. As explained above, the closed ecosystem set up by Apple makes any incursion of a virus into the bowels of the Mac, iPhone, or iPad very complicated. But complicated does not mean impossible, as evidenced by the many security flaws discovered by Apple employees or budding developers in recent months.

One of the most important in recent years was discovered several months ago by Microsoft development teams on July 27 but was only resolved a few weeks ago by Apple. This vulnerability was called Achilles and exploited a malfunction in GateKeeper. If you weren’t familiar with GateKeeper, it’s a system put in place by Apple many years ago to verify that app packages being installed in macOS aren’t malicious. Tell yourself that if this system fails, the whole integrity of the Mac is called into question.

The flaw uses the AppleDouble file format, including permission access lists to bypass GateKeeper. As much as to say right away, such a flaw can have serious consequences for your privacy and the integrity of your personal data. Malicious programs can thus be installed on the Mac without your knowledge and steal your personal data right in front of the user. Rather surprisingly, even Isolation mode, which is supposed to protect against cyberattacks, would not be effective against such a flaw.

How do I know if I am affected?

It’s been a little over a week since Apple updated its operating systems to protect its customers from possible data theft. If the information is only put forward now by Microsoft, it is for a good reason: revealing that a flaw exists when all users have not yet updated their Mac could pose serious security problems. security.

Now, Macs running macOS 13 (Ventura), macOS 11.7.2 (Big Sur), and macOS 11.6.2 (Monterey) are supposed to have received the security patch developed by Apple teams to secure GateKeeper. To check your macOS version, click the Apple menu in the top left, then click About This Mac. If the version is older, do not delay and update.

Related posts

iOS 18.2 launched with a series of groundbreaking AI features

iOS 18.4 launches in April next year

New zero-day vulnerability is threatening all versions of Windows