Unlocking the Gatekeeper security mechanism We also share this research to emphasize the importance of collaboration among researchers and the security community to improve defenses for the larger ecosystem. In this blog post, we share information about Gatekeeper and the vulnerability able to bypass it. We thank Apple for the collaboration in addressing this issue. End-users should apply the fix regardless of their Lockdown Mode status. We note that Apple’s Lockdown Mode, introduced in macOS Ventura as an optional protection feature for high-risk users that might be personally targeted by a sophisticated cyberattack, is aimed to stop zero-click remote code execution exploits, and therefore does not defend against Achilles. Fixes for the vulnerability, now identified as CVE-2022-42821, were quickly released by Apple to all their OS versions. Gatekeeper bypasses such as this could be leveraged as a vector for initial access by malware and other threats and could help increase the success rate of malicious campaigns and attacks on macOS.Īfter carefully reviewing the implications, we shared the vulnerability with Apple in July 2022 through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR). We developed a proof-of-concept exploit to demonstrate the vulnerability, which we call “Achilles”. On July 27, 2022, Microsoft discovered a vulnerability in macOS that can allow attackers to bypass application execution restrictions imposed by Apple’s Gatekeeper security mechanism, designed to ensure only trusted apps run on Mac devices. Microsoft Defender Vulnerability Management
Microsoft Intune Endpoint Privilege Management.
Azure Active Directory part of Microsoft Entra.
0 kommentar(er)
