A Single Flaw Broke Every Layer of Security in MacOS


When you shut down your Mac, a pop-up appears: “Are you sure you want to shut down your computer now?” Tucked under the prompt is another option that most of us probably ignore: the choice to reopen the apps and windows you have open now when your machine is turned back on. Researchers have now found a way to exploit this “saved state” feature, and it could be used to circumvent important layers of Apple’s security.

Thijs Alkemade, a security researcher at the Netherlands-based cybersecurity firm Computest, said the vulnerability, which is open to a process injection attack that circumvents macOS security, could allow an attacker to read every file on your Mac or take control of the webcam. “It’s basically a flaw that can be applied to three different positions,” he said.

After deploying the initial attack against the saved state feature, Alkemade was able to move on to other parts of the Apple ecosystem: first escaping the macOS sandbox, which is designed to limit successful attacks to one application, and then bypassing System Integrity Protection (SIP), a primary defense designed to prevent authorized code from accessing sensitive files on your Mac.

Alkemade, who is presenting the work at the Black Hat conference in Las Vegas this week, first found the vulnerability in December 2020 and reported the issue to Apple through its bug bounty program. He was paid a “fairly handsome” reward for the research, he said, though he declined to elaborate on how much. Since then, Apple has released two updates to fix the bug, the first in April 2021 and the second in October 2021.

When asked about the vulnerability, Apple did not comment ahead of Alkemade’s presentation. The company’s two public updates on the vulnerability are detailed, but they say the issues could allow malicious apps to leak sensitive user information and elevate privileges so that an attacker can move through the system.

Apple’s changes can also be seen in Xcode, the company’s development workspace for app creators, according to a blog post from Alkemade describing the attack. The researcher says that although Apple has fixed the issue for Macs running the Monterey operating system, released in October 2021, earlier versions of macOS are still vulnerable.

There are many steps to launching the attack successfully, but fundamentally they all come back to the initial process injection vulnerability. Process injection attacks allow hackers to inject code into a device and run it in a way that is different from what was originally intended.

Such attacks are not uncommon. “Very often a process insertion vulnerability can be found in a particular application,” says Alkemade. “But to have something that is widely applicable is a very rare thing,” he said.

The vulnerability Alkemade found resides in a “serialized” object in the saved state system, which saves the apps and windows you have open when you shut down your Mac. This saved state system can also run while a Mac is in use, in a process called App Nap.


