MacOS Zero-Day Allows Trusted Apps to Run Malicious Code

A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code.

macOS researcher Patrick Wardle revealed the flaw Monday, describing exploitation of the bug as a second-stage attack method that lets an adversary cloak further exploitation of a targeted system using a technique called synthetic mouse clicks. He said the bug shines a bright light on the fact that Mojave’s application verification mechanism is “100 percent broken.”

Wardle, who is chief research officer at Digita Security and founder of Mac security company Objective-See, revealed the vulnerability at a security conference, Objective By The Sea, on Monday.

Source: ThreatPost