Apple fixes Mac Gatekeeper bypass vulnerability affecting even Lockdown Mode devices

December 21, 2022 02:46 pm | Updated 02:46 pm IST

The vulnerability discovered by Microsoft researchers in Apple’s Mac Gatekeeper allowed malware to bypass checks even when affected devices were used in Lockdown mode

The Hindu Bureau

Apple fixed a serious vulnerability in its Mac Gatekeeper that could allow malware to bypass checks and infect devices via untrusted applications, according to a report from BleepingComputer.

The vulnerability was first found and reported by Microsoft, and dubbed Achilles. The vulnerability existed in Apple’s Gatekeeper in macOS, which is responsible for automatically checking all apps downloaded from the internet.

Checks include determining whether downloaded apps are notarised and developer signed (approved by Apple), as well as asking users to confirm before launching, and alerting users that the app cannot be trusted.

The Achilles flaw could be used by attackers with specially crafted payloads. The flaw would allow attackers to abuse a logic issue to set Restrictive Control List Permissions, which is designed to block web browsers and internet downloaders from downloading and setting quarantine restrictions on downloaded files.

This would result in malicious apps containing archived malware files launching on targeted systems instead of being blocked by the Gatekeeper.

Microsoft said that since Apple’s Lockdown Mode, designed as an optional protection feature for high-risk users, is aimed to stop zero-click remote execution vulnerabilities, it does not protect against Achilles.

Apple is currently also testing a new Rapid Security Response feature that will allow both Mac and iOS devices to quickly receive security patches without the need to update the full operating system.

Earlier last week, Apple released software updates for iPhones, Macs, and iPads with updated security measures. The updates also added 5G support for iPhone users in India along with Freeform, a whiteboard app for collaborations, and Apple Music Sing.

