Sign In

Communications of the ACM

ACM TechNews

Apple macOS Security Protections Easily Bypassed With 'Synthetic' Clicks, Researcher Finds


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Keyboard of a Macbook Pro.

A researcher has found a zero-day vulnerability in a central Apple macOS safeguard that permits apps or malware to circumvent permissions and access a user's private data, webcam, or microphone.

Credit: ZDnet

Researcher Patrick Wardle at Digita Security found a zero-day vulnerability in a central Apple macOS safeguard allowing apps or malware to circumvent permissions, and access a user's private data, webcam, or microphone.

The flaw derives from an undocumented whitelist of cleared macOS apps that are permitted to generate "synthetic" clicks to prevent breakage.

Apps are usually signed with a digital certificate to prove their authenticity and freedom from tampering, so if the app has been changed to include malware, the certificate signals an error.

However, the bug Wardle identified implied that macOS was only checking if a certificate exists, without properly confirming the whitelisted app's legitimacy; this means a manipulated variant of a whitelisted app could be leveraged to activate a synthetic click.

Wardle said he alerted Apple of the flaw, but the company has not yet issued a patch.

From TechCrunch
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
ACM Resources