By exploiting a single vulnerability on the macOS platform, researchers can gain access to all documents stored on Apple’s Mac computers.
Every time the user shuts down the Mac computer with the Shut down , the system will display a message asking: “Are you sure you want to shut down your computer now?” (Are you sure you want to shutdown now?). Just below the question is the option approved by many macOS users: restarting unfinished applications and windows from a previous session when the computer is turned back on.
Security researchers have found a way to exploit vulnerability and use it to bypass any security measures created by Apple on the macOS operating system.
Thijs Alkemade – a security expert at the Computest security company (Netherlands) who discovered the vulnerability, confirmed that this issue allows an attacker to read any file currently on the Mac or take control. webcams.
“It’s basically a vulnerability that can be applied to three different locations,” he said.
After executing the first attack against the save state feature, Alkemade was able to manipulate various components of the Apple ecosystem. The first is to get rid of macOS’s sandbox mechanism, which is designed to limit the ability to successfully hack into an application.
Then bypass (bypass) System Intergrity Protection (SIP) – a key defense to prevent authorized code from accessing sensitive files on your Mac.
The vulnerability was first discovered by Alkemade in December 2020 and immediately reported to Apple through the bug hunting mechanism provided by the company to encourage knowledgeable people to submit information about security vulnerabilities.
According to Wired , Alkemade was paid a large bonus by Apple for this contribution. After that, “apple defect” released 2 updates for macOS: the first in April 2021 and then another in October of the same year.