Millions Of MacOS 11.2 And Earlier Powered Apple Devices Vulnerable To Serious Malware, Patch ASAP

bad apple macos vulnerable to malware that can bypass all protections patch now
From time to time, malware will pop up that affects Apple devices which are typically touted as the superior option to other PCs for their security. This happened earlier this year with the mysterious Silver Sparrow malware that caught thousands of M1 Macs. Now, Mac users are being urged to patch again to prevent actively used malware, bypassing many of Apple’s core security measures with ease.

File quarantine, Gatekeeper, and Application Notarization are three utilities that have been introduced over the years to help protect users. Effectively, these tools make it so Apple must essentially sign off on all software that could make it to a Mac. If some software somehow managed to sneak by those protections, it could be catastrophic for the security of said Apple devices. It seems that there is malware in the wild doing just that, though, as a logic flaw in macOS has been discovered which allows an attacker to “trivially and reliably bypass all of these foundational mitigations,” as Objective-See reports.

macos vulnerable to malware that can bypass all protections patch now

Should a user get tricked into downloading a malicious file from the web, they would not be prompted by File Quarantine, Gatekeeper, or the Notarization program. Objective-See put together a demo that shows an application called “Patricks_Resume,” which is downloaded and run and subsequently pops calculator on the device. No warning or message was shown saying that this file could be malicious in any way; it just worked.

With this in mind, users need to update their Macs to macOS version 11.3 to regain full protection against this vulnerability. Otherwise, they could remain susceptible to malware and adware that has been spotted in the wild by device management software company Jamf. Whether or not you decide to update, let us know what you think of this development in the comments below.