Apple fixes Gatekeeper-bypass vulnerability after Microsoft discovers macOS security flaw
A Microsoft security researcher has unearthed a security vulnerability in macOS which has been named Achilles.
Tracked as CVE-2022-42821, Jonathan Bar Or found that the flaw could be used to bypass the Gatekeeper security feature of macOS in order to execute malicious apps. Apple has now fixed the vulnerability in Big Sur, Monterey and Ventura versions of macOS.
- Microsoft is finally killing off Internet Explorer 11 with an Edge update
- Microsoft confirms KB5021233 update is causing 0xc000021a errors and blue screens in Windows 10
- Microsoft is bringing another big update to Windows 11 in May
In a post on the Microsoft Security Threat Intelligence blog, Microsoft reports that it discovered the Achilles vulnerability back at the end of July. The company explains that the security flaw could, "allow attackers to bypass application execution restrictions imposed by Apple's Gatekeeper security mechanism, designed to ensure only trusted apps run on Mac devices".
The blog post continues:
We developed a proof-of-concept exploit to demonstrate the vulnerability, which we call "Achilles". Gatekeeper bypasses such as this could be leveraged as a vector for initial access by malware and other threats and could help increase the success rate of malicious campaigns and attacks on macOS.
After carefully reviewing the implications, we shared the vulnerability with Apple in July 2022 through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR). Fixes for the vulnerability, now identified as CVE-2022-42821, were quickly released by Apple to all their OS versions. We note that Apple's Lockdown Mode, introduced in macOS Ventura as an optional protection feature for high-risk users that might be personally targeted by a sophisticated cyberattack, is aimed to stop zero-click remote code execution exploits, and therefore does not defend against Achilles. End-users should apply the fix regardless of their Lockdown Mode status. We thank Apple for the collaboration in addressing this issue.
Microsoft has provided more detailed information about the vulnerability here.
Apple released fixes for the security flaw last week, so macOS users are advised to ensure that they have all the latest updates installed.