However, the official name of the problem in the security databases is CVE-2022-42821. Via the bug, it is possible to bypass the Gatekeeper system in MacOS. Apple calls the gatekeeper the mechanism used to ensure that foreign code from untrustworthy sources cannot be executed.
However, according to Microsoft’s analyses, this protection mechanism can be circumvented. That would of course be an important point at which malware could start in order to be able to smuggle malicious code onto a Mac at all, which significantly increases the chance of success for cybercrime campaigns, explained the Microsoft Security Threat Intelligence team.
Please patch
Microsoft’s security researchers acknowledged that with Gatekeeper, Apple has actually developed a very effective system that can be used to keep threats away. However, one must also note that this protection is ultimately “not bulletproof”.
Gatekeeper works in such a way that a code downloaded from the network is first given a quarantine mark. However, manipulations of the Access Control List (ACL) could be used to prevent this attribute assignment. As a result, the code is no longer classified correctly and can be executed.
The Microsoft experts have sent their findings to Apple and the MacOS manufacturer has already been able to react. Users are strongly advised to install the latest system updates to close the vulnerability. The security researchers pointed out that the new lockdown mode that Apple has introduced for users with special security requirements does not protect against the problem and patches should be installed quickly.
See also:
