Google reveals major flaw in macOS core

Google reveals major flaw in macOS core

The bugs in macOS They've been with everything lately. Just yesterday we talked about the possible outcome involving one that gave access to passwords stored in Access to Keys (as the hacker shared information about the vulnerability with Apple so that the company would correct everything by not responding to his request for rewards paid for discovering security holes).

Now researchers from the Google Project Zero (known to find security holes in both the company's own products as well as those made by others) found a serious flaw in kernel (core) which may allow an attacker to make changes to a file without the system being informed which may lead to opening of infected files.

The flaw has been described as being able to take advantage of what is called a copy-on-write (COW) of the XNU. According to Neowin, if a user-owned mounted file system image is modified, the virtual management subsystem will not be warned of this change which means that an attacker could perform malicious actions without the mounted file system being aware of it.

The researcher informed Apple of the failure in November 2018, but the company has not yet implemented a correction even after Project Zero's 90-day deadline for such companies to correct everything before disclosing information about the failure. Still, Apple is aware of everything and intends to release a fix in a future update of macOS, according to the researcher who knows the fix will come in macOS Mojave 10.14.4, which is in the testing phase.

For those interested, you can see a proof of concept of the problem on this page.

via AppleInsider