Apple fixes Gatekeeper-bypass vulnerability after Microsoft discovers macOS security flaw
A Microsoft security researcher has unearthed a security vulnerability in macOS which has been named Achilles.
Tracked as CVE-2022-42821, Jonathan Bar Or found that the flaw could be used to bypass the Gatekeeper security feature of macOS in order to execute malicious apps. Apple has now fixed the vulnerability in Big Sur, Monterey and Ventura versions of macOS.
macOS has an unpatched Finder vulnerability that hackers can use to run arbitrary commands
Apple makes much of the security of its products, but vulnerabilities are certainly not unknown. SSD Secure Disclosure has revealed details of a zero-day flaw affecting Finder in macOS. It can be exploited to run arbitrary commands without displaying any messages, prompts or warnings.
The vulnerability was discovered by independent security researcher Park Minchan, and it is present in macOS Big Sur and earlier. The flaw relates to the way macOS processes .inetloc (internet location) files and Apple has made a poor, easily circumvented attempt to fix it in the most recent version of its Mac operating system.