City

Marathi | Hindi

Epaper

Microsoft researchers help Apple fix a critical MacOS bug

By IANS | Updated: November 1, 2021 18:50 IST

New Delhi, Nov 1 Apple has fixed a security bug in its MacOS software after Microsoft researchers alerted ...

Open in App

Microsoft researchers help Apple fix a critical MacOS bug

New Delhi, Nov 1 Apple has fixed a security bug in its MacOS software after Microsoft researchers alerted the iPhone maker about the vulnerability that could be used by hackers.

Microsoft discovered the vulnerability in MacOS that could allow an attacker to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device.

The bug allowed a potential attacker to install a hardware interface that allows them to "overwrite system files, or install persistent, undetectable malware".

"We also found a similar technique that could allow an attacker to elevate their privileges to root an affected device. We shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR)," Microsoft 365 Defender Research Team said in a statement.

Apple issued a fix for this vulnerability, now identified as CVE-2021-30892, in its latest security update.

SIP is a security technology in macOS that restricts a root user from performing operations that may compromise system integrity.

" We found that the vulnerability lies in how Apple-signed packages with post-install scripts are installed. A malicious actor could create a specially crafted file that would hijack the installation process," the Microsoft researchers noted.

After bypassing SIP's restrictions, the attacker could then install a malicious kernel driver (rootkit), overwrite system files, or install persistent, undetectable malware, among others.

As networks become increasingly heterogeneous, the number of threats that attempt to compromise non-Windows devices also increases.

Microsoft Defender for Endpoint on Mac enables organisations to gain visibility and detect threats on macOS devices, the company said.

"This research underscores the importance of collaboration among security researchers, software vendors, and the larger security community," Microsoft added.

Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor

Tags: applemicrosoftSupport companyApple educationApple app storesStoreApple india store onlineIhhaApple inc.E-heli service
Open in App

Related Stories

TechnologyIT Layoffs 2025: Microsoft, Google, Apple Among 284 Tech Companies That Cut Jobs in First 5 Months

International"Don’t Set Up Production in India, Make In U.S": Donald Trump Sends Out Clear Message To Apple CEO Tim Cook

TechnologyMicrosoft Layoffs: Satya Nadella-led Company Sacks Over 6,000 Employees Across Key Positions

TechnologyWhy Is Skype Shutting Down? Microsoft's Video-Calling Platform to Retire on May 5

Business‘Microsoft Is a Digital Weapons Manufacturer’: Indian-American Engineer Calls Out Gates, Ballmer, Nadella Over AI Ties to Gaza War (Watch Video)

Technology Realted Stories

TechnologyDGCA gives clean chit to Air India’s Boeing 787 fleet amid thorough inspection

TechnologyNo major safety concerns with Air India’s Boeing 787 fleet: DGCA

TechnologyAndhra Pradesh plans to establish three circular economy parks

TechnologyIPO-bound Arisinfra's net loss widens to Rs 17.3 crore, revenue drops nearly 7 pc in FY24

TechnologyUnion Minister Jitendra Singh reviews progress of science and technology institutes in Northeast