Security
Headlines
HeadlinesLatestCVEs

Headline

macOS Archive Utility Bug Lets Malicious Apps Bypass Security Checks

Exploit allows unsigned and unnotarized macOS applications to bypass Gatekeeper and other security, without notifying the user.

DARKReading
#vulnerability#mac#apple

New details about a known vulnerability in the macOS Archive Utility have emerged, showing that a cyberattacker armed with just the right specialty archive could exploit it to execute a malicious application while bypassing security checks — without the user ever being notified.

The vulnerability, discovered by Jamf Threat Labs and tracked as CVE-2022-32910, affects the Archive Utility, an Apple tool that allows users to easily create and send archives. The team said it discovered the flaw during research into general archiving feature security.

“Although our testing was done with Apple Archives, the same bypass can be achieved with other archive formats such as .ZIP archives, in which case the .ZIP file could be created while within the app directory,” the disclosure noted.

The Jamf team reported the macOS bug to Apple on May 31 and said Apple issued a patch on July 20 — but it’s just now releasing technical details. Out-of-date end users should update to the latest macOS version to avoid compromise.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related news

Microsoft Warns on 'Achilles' macOS Gatekeeper Bypass

The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.

Details Released for Recently Patched new macOS Archive Utility Vulnerability

Security researchers have shared details about a now-addressed security flaw in Apple's macOS operating system that could be potentially exploited to run malicious applications in a manner that can bypass Apple's security measures. The vulnerability, tracked as CVE-2022-32910, is rooted in the built-in Archive Utility and "could lead to the execution of an unsigned and unnotarized application

DARKReading: Latest News

Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel