Wednesday, July 1, 2026
HomeCyber SecurityMicrosoft Particulars macOS Bug That May Let Attackers Acquire Entry to Consumer...

Microsoft Particulars macOS Bug That May Let Attackers Acquire Entry to Consumer Information

[ad_1]

Microsoft Particulars macOS Bug That May Let Attackers Acquire Entry to Consumer Information

Microsoft on Monday disclosed particulars of a just lately patched safety vulnerability in Apple’s macOS working system that could possibly be weaponized by a risk actor to reveal customers’ private data.

Tracked as CVE-2021-30970, the flaw issues a logic challenge within the Transparency, Consent and Management (TCC) safety framework, which permits customers to configure the privateness settings of their apps and supply entry to protected recordsdata and app knowledge. The Safety & Privateness pane within the macOS System Preferences app serves because the entrance finish of TCC.

Microsoft 365 Defender Analysis Crew, which reported the vulnerability to Apple on July 15, 2021, dubbed the flaw “powerdir.” Apple addressed the difficulty as a part of macOS 11.6 and 12.1 updates launched in December 2021 with improved state administration.

Automatic GitHub Backups

Whereas Apple does implement a coverage that limits entry to TCC to solely apps with full disk entry, it is potential to orchestrate an assault whereby a malicious software may work round its privateness preferences to retrieve delicate data from the machine, doubtlessly permitting an adversary to entry microphone to file non-public conversations or seize screenshots of delicate data displayed on the person’s display screen.

“We found that it’s potential to programmatically change a goal person’s house listing and plant a faux TCC database, which shops the consent historical past of app requests,” Jonathan Bar Or of Microsoft 365 Defender Analysis Crew stated. “If exploited on unpatched techniques, this vulnerability may enable a malicious actor to doubtlessly orchestrate an assault based mostly on the person’s protected private knowledge.”

macOS

In different phrases, if a nasty actor positive factors full disk entry to the TCC databases, the intruder may edit it to grant arbitrary permissions to any app of their selection, together with their very own, successfully allowing the app run with configurations beforehand not consented to.

Prevent Data Breaches

CVE-2021-30970 can also be the third TCC-related bypass vulnerability to be found after CVE-2020-9934 and CVE-2020-27937, each of which have since been remediated by Apple. Then in Could 2021, the corporate additionally patched a then zero-day flaw in the identical element (CVE-2021-30713) that would enable an attacker to realize full disk entry, display screen recording, or different permissions with out customers’ express consent.

“This exhibits that at the same time as macOS or different working techniques and purposes turn out to be extra hardened with every launch, software program distributors like Apple, safety researchers, and the bigger safety neighborhood, have to constantly work collectively to determine and repair vulnerabilities earlier than attackers can benefit from them,” Bar Or stated.



[ad_2]

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments