Apple fixes macOS security flaw behind Gatekeeper bypass

Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection mechanisms even on fully patched systems.

If they circumvent automated notarization security checks (which scans for malicious components and code-signing issues), the applications are allowed to launch by Gatekeeper, a macOS security feature designed to verify if downloaded apps are notarized and developer-signed.

Once malicious script-based apps targeting the bypass flaw (CVE-2021-30853) are launched on a target’s system, they can be used by attackers to download and deploy second-stage malicious payloads.

Read more…
Source: Bleeping Computer