"Election" hacking has never been simpler than it is today!
infosec

"Election" hacking has never been simpler than it is today!

Being a professional hacker has never been easier and more profitable than it is today. According to...
Read More
infosec

A new Android Trojan misleads users through notifications

A new Android Trojan discovered by security researchers on the Google Play Store uses false notifications to redirect their ...
Read More
infosec

Europol: Training of police officers with ....... a game!

In recent years, cryptocurrencies are a frequent target of hackers' attacks. For this reason, Europol has decided to train ...
Read More
infosec

Dark Web: Selling drugs in exchange for Bitcoins. Now prison!

We know that Dark Web is mainly used by hackers and people who are interested in doing illegal online activities. These people are using ...
Read More
infosec

Twitter: Deleting thousands of fake Iranian and Russian accounts

One of the most common means of spreading misinformation and political propaganda is social media. Twitter found, ...
Read More
Latest Posts

Researcher warns of a MacOS vulnerability that Apple refuses to correct

According to an Italian security researcher named Filippo Cavallarin, macOS Mojave 10.14.5 and younger are vulnerable to an arbitrary code execution error that Apple refuses to consider. This vulnerability allows a hacker to bypass Gatekeeper, which is the macOS built-in defense tool, and perform whatever he wants without worrying about certificate validation or any other validation. Cavallarin has discovered that it is possible to abuse the macOS automount functionality, which treats external disks and network as secure sites and is associated with a symlink to run any code
without hitting the Gatekeeper.

MacOS

To prove vulnerability, the researcher created one zip a file containing a symbolic link that automatically shows the endpoints it controls. This file can be sent to the victim and uploaded to the target system. The symlink takes the victim to a location controlled by the attacker and has never been checked by Gatekeeper and that means the hacker will be able to do whatever he wants, including the execution of malicious code. The following short video shows exactly how the scenario could actually unfold.

  • An Italian researcher exhibits a security vulnerability that allows hackers to bypass the Gatekeeper.
  • The researcher publicly published the PoC code and a video, but Apple has not yet released a solution.
  • Apple engineers have included a relative solution in the previous patch, but it was probably not effective enough.

While the concept of "concept code" is quite simple and made available Apple from 22 February 2019, the company failed to correct the issue, although it initially accepted the report as valid. At 15 May 2019, Apple began to completely ignore the investigator's messages that warned them of the next release deadline, so how exactly did we end up here. As there is no solution to this vulnerability, the only solution for macOS users who worry about their security is to disable automount on their system. To do this, the researcher reported the following three steps:

  1. Edit / etc / auto_master as root
  2. Note the line beginning with '/ net'
  3. Reboot

While the method of exploiting this vulnerability seems legitimate, there is some confusion arising from the 10.14.4 release notes. In the DesktopServices section, there is CVE-2019-8589 that promises improved controls that prevent malicious applications from bypassing Gatekeeper's controls. Are these improvements insufficient to mitigate the problem described by the Italian researcher or did not check the correction and falsely claim to reveal a defect? Given that he used the macOS X version 10.14.5 at the beginning of his report, I suspect he is not lying just that Apple engineers believed they corrected the vulnerability but did not.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *