Apple Confirms Critical Update For Millions Of MacBook Pro Users
The latest update to macOS adds support for many of the new Apple products announced at last week’s ‘Spring Loaded’ event. The update to the geo-location focused Find My service and the finally released AirTags are at the top of Apple’s changelog. Following that you have the improvements to running iOS and iPadOS apps on your Mac, the latest emoji support, and finally adding in support for hibernation on M1-powered machines.
What was not highlighted is a critical update to macOS’ security, fixing a flaw that allowed potentially malicious code to avoid macOS security.
Developers can submit their applications to the Mac Store for Apple’s approval before listing. Unlike iOS and iPadOS it is possible to download an application directly from the web before installing it and running it on your device. Apple encourages developers to notarise these downloads – which in essence gives the apps a security check that there is no malicious code, and users can install these apps safely.
If an app is not notarised, then macOS throws up a lot of warnings, scans for malicious code, and in general makes a user extremely aware of the risk they could be taking. What if there were no warnings, and any code could run after a double-click from a user?
In March, security researcher Cedric Owens discovered a method to avoid these checks while code was installed and run on a macOS machine. Speaking to TechCrunch’s Zack Whittaker, Owens demonstrated the attack:
“‘All the user would need to do is double click — and no macOS prompts or warnings are generated,’ he told TechCrunch. Owens built a proof-of-concept app disguised as a harmless document that exploits the bug to launch the Calculator app, a way of demonstrating that the bug works without dropping malware. But a malicious attacker could exploit this vulnerability to remotely access a user’s sensitive data simply by tricking a victim into opening a spoofed document, he explained.”
Owens also reported the issue to Apple. Objective-See’s Patrick Wardle has not only discussed just how dangerous the issue was, but has also shown that the exploit was being used in the wild. There’s an extensive amount of detail if you want to dig into the issue.
But the main takeaway is simple. Update your macOS to 11.3 as quickly as possible. Apple has confirmed that the issue has now been patched in today’s release, and that makes it a vital update for every Mac user out there, from the powerful Mac Pro right down to the latest and lightest MacBook Air.