U.S. Markets closed

Mac security hole reportedly lets attackers bypass app safeguards

Jon Fingas
Mac security hole reportedly lets attackers bypass app safeguards

Apple may have another Gatekeeper security flaw on its hands. Researcher Filippo Cavallarin has detailed a macOS vulnerability that he said would let attackers install malware without the usual permission request. As Gatekeeper considers network shares to be 'safe' locations that don't require permission checks, an intruder just has to trick the user into mounting one of those shares to run the apps they like.