macOS 11.3 Patches Security Vulnerability That Bypassed Built-In Malware Protections

Apple today confirmed to TechCrunch that the just-released macOS 11.3 software update patches a security vulnerability that reportedly could have allowed a hacker to remotely access a user's sensitive data by tricking a user into opening a spoofed document.

apple security banner
"All the user would need to do is double click — and no macOS prompts or warnings are generated," said security researcher Cedric Owens, who discovered the vulnerability in mid-March, according to the report. Owens developed a proof-of-concept app masquerading as a harmless document that exploits the bug to launch the Calculator app, but he said the vulnerability could be exploited for more nefarious purposes.

According to security researcher Patrick Wardle, the vulnerability was the result of a logic bug in macOS's underlying code.

"In simple terms, macOS apps aren't a single file but a bundle of different files that the app needs to work, including a property list file that tells the application where the files it depends on are located," explains TechCrunch. "But Owens found that taking out this property file and building the bundle with a particular structure could trick macOS into opening the bundle — and running the code inside — without triggering any warnings."

In addition to fixing the bug in macOS 11.3, Apple told TechCrunch it patched earlier macOS versions to prevent abuse, and updated macOS's built-in anti-malware system XProtect to block malware from exploiting the vulnerability. The report says the bug was exploited for months, but it's unclear how many users were impacted.

Top Rated Comments

LV426 Avatar
10 months ago

Apple is definitely protecting the consumers.
Well, Apple definitely wasn’t protecting customers when they introduced this vulnerability.

There‘s a good write up of the disastrous security flaw here ('https://objective-see.com/blog/blog_0x64.html').
Score: 3 Votes (Like | Disagree)
TheYayAreaLiving ? Avatar
10 months ago
Apple is definitely protecting the consumers.
Score: 3 Votes (Like | Disagree)
Ethosik Avatar
10 months ago

This is why the Mac App Store should remain closed, walled and protected... oh, wait...
And the solution is to......remove the store and protected systems in place? There will always be bad things that slip through. The only....ONLY way to achieve 100% secure system is if the Apple App Review process takes months. Have Apple developers look through your code and REALLY test it. But would developers like this?

There are still murders, robberies, other criminal acts. Does that mean the police does nothing?
Score: 3 Votes (Like | Disagree)
RedTheReader Avatar
10 months ago

In simple terms, macOS apps aren't a single file but a bundle of different files that the app needs to work,
Everything Is a File™
Score: 2 Votes (Like | Disagree)
MauiPa Avatar
10 months ago
"The report says the bug was exploited for months, but it's unclear how many users were impacted." What report? A report is not mentioned in the article.
Score: 2 Votes (Like | Disagree)
lkrupp Avatar
10 months ago
Security updates for Mojave and Catalina out now that patch the same security issues.
Score: 2 Votes (Like | Disagree)

Related Stories

macOS Big Sur Feature Blue

Update to macOS 11.4 NOW - Someone Could Be Spying On You

Sunday May 30, 2021 9:40 am PDT by
Apple's recently released macOS Big Sur 11.4 update addresses a serious security vulnerability, so all users should complete the software update immediately. Jamf, a mobile device management company, raised a major security issue in macOS Big Sur that allowed attackers to piggyback apps like Zoom to surreptitiously take screenshots and record the screen. The exploit allowed a user's Privacy...
maxresdefault

Security Researcher Earns $100,000 for Safari Exploit in Pwn2Own Hacking Contest

Thursday April 8, 2021 2:36 pm PDT by
Each year, the Zero Day Initiative hosts a "Pwn2Own" hacking contest where security researchers can earn money for finding serious vulnerabilities in major platforms like Windows and macOS. This 2021 Pwn2Own virtual event kicked off earlier this week and featured 23 separate hacking attempts across 10 different products including web browsers, virtualization, servers, and more. A three-day...
firefox 89

Firefox 89 for Mac Released With Cleaner Design, Multi-Touch Zoom, and More

Tuesday June 1, 2021 10:11 am PDT by
Mozilla today announced the public release of Firefox 89 for macOS with a redesigned and modernized core browsing experience. The latest version of the browser features a simplified toolbar with less frequently used items removed, allowing the focus to be on the most important navigation items. Menus and prompts have also been streamlined across Firefox to have cleaner designs and clearer...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.4 With Apple Podcasts Subscription Support

Monday May 24, 2021 10:08 am PDT by
Apple today released macOS Big Sur 11.4, the fourth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur comes one month after the release of macOS Big Sur 11.3, an update that added M1 optimizations, AirTag integration, and more. The new ‌‌‌‌macOS Big Sur‌‌‌ 11.4 update can be downloaded for free on all eligible Macs using the...
sudo bug macos

macOS Big Sur 11.2.1 Fixes Root Access Sudo Bug

Tuesday February 9, 2021 11:32 am PST by
The macOS Big Sur 11.2.1 update that Apple released today fixes a sudo security vulnerability that could allow an attacker to gain root access to a Mac. According to an Apple security support document, the bug, CVE-2021-3156, was addressed in the update by updating to sudo version 1.9.5p2. Apple has also fixed the bug in Supplemental Updates made available for macOS Catalina 10.15.7 and...
waltr pro

MacRumors Giveaway: Win a Maxed Out iPad Air and a Copy of WALTR PRO From Softorino

Friday May 21, 2021 11:01 am PDT by
For this week's giveaway, we've teamed up with Softorino to offer MacRumors readers a chance to win a fully upgraded iPad Air and a copy of WALTR PRO to go along with it. WALTR PRO is the third iteration of the popular WALTR app that's designed to make it easy to get any file from your computer onto an iPhone, iPad, or iPod touch. It's fantastic for transferring photos, videos, music, and...
sudo bug macos

Root Access Sudo Bug Found to Affect macOS Big Sur

Wednesday February 3, 2021 9:20 am PST by
A sudo bug that can grant an attacker root access has been discovered to affect macOS Big Sur (via ZDNet). The security vulnerability, identified last week as "CVE-2021-3156" by the Qualys Security Team, affects sudo, which is a program that allows users to run commands with the security privileges of another user, such as an administrator. The bug triggers a "heap overflow" in sudo that...
14

iOS 14.4 Patches Vulnerabilities That May Have Been Actively Exploited

Tuesday January 26, 2021 12:16 pm PST by
Apple today released iOS 14.4 and iPadOS 14.4, and along with a handful of minor new features, the software introduces security fixes for three vulnerabilities that may have been used in the wild. According to a security support document shared by Apple, there were kernel and WebKit vulnerabilities affecting all iPhones and iPads running iOS or iPadOS 14. The kernel vulnerability could allow ...

Popular Stories

airpodsinear 1

AirPods Save Woman's Life With Feature Everyone Should Know

Friday January 21, 2022 2:13 am PST by
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports. When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
iphone 13 earpods

Apple to Stop Including EarPods With Every iPhone Sold in France From Next Week

Friday January 21, 2022 3:21 am PST by
Apple will no longer include EarPods with every iPhone sold in France, starting on January 24, according to a notice posted by a French carrier (via iGeneration). Apple was previously required to include EarPods in the box with the iPhone due to a French law that required every smartphone sold in the country to come with a "handsfree kit," but the law has now been changed in favor of reducing the ...
peloton tv workout cardio

Apple Floated as Potential Buyer of Peloton

Friday January 21, 2022 6:11 am PST by
Following months of bleak news about Peloton's "precarious state," including the revelation that it has halted production of its bikes and treadmills, Apple is being floated as a potential buyer of Peloton's troubled fitness business. Yesterday, CNBC reported that Peloton will temporarily stop production of its connected fitness products due to a "significant reduction" in consumer demand, a ...
Questionable Design Decisions

Apple's Most Questionable Design Decisions in Recent Memory

Sunday January 23, 2022 2:59 am PST by
Apple has always emphasized the depth of thought that goes into the design of its products. In the foreword to Designed by Apple in California, a photo book released by the company in 2016, Jony Ive explains how Apple strives "to define objects that appear effortless" and "so simple, coherent and inevitable that there could be no rational alternative." But every once in a while even Apple...
Spring 2022 Apple Products Feature

New iPad Air, Macs, and iPhone SE With 5G Likely to Be Announced at Apple Event This Spring

Thursday January 20, 2022 8:32 am PST by
Earlier this week, Bloomberg's Mark Gurman tweeted that Apple "will be holding a spring event" to announce a new iPhone SE and other hardware. In a recent edition of his newsletter, Gurman said the event is likely to occur in March or April. Gurman did not elaborate on what "other hardware" will be announced at Apple's purported spring event, but rumors suggest at least four products are...
Upcoming Products 2022 Feature

Gurman: Apple Preparing 'Widest Array of New Hardware Products in Its History' for Fall

Sunday January 23, 2022 10:32 am PST by
Apple is working on a number of new products that are set to launch this fall, and Bloomberg's Mark Gurman says that it will be "the widest array" of new devices that Apple has introduced in its history. In his latest "Power On" newsletter, Gurman explains that Apple is working on four new flagship iPhones (iPhone 14, iPhone 14 Max, iPhone 14 Pro, and iPhone 14 Pro Max), an updated low-end Ma...
apple watch series 7 aluminum colors yellowbg

Apple Watch Charging Bug Fixed in watchOS 8.4 Release Candidate

Thursday January 20, 2022 4:01 pm PST by
The watchOS 8.4 release candidate that was seeded to developers and beta testers this morning addresses an ongoing bug that could cause some Apple Watch chargers not to work properly with the Apple Watch. Back in December, we reported on a growing number of charging issues that Apple Watch Series 7 owners were facing. Since watchOS 8.3, there have been a number of complaints about...
safari icon blue banner

macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity

Thursday January 20, 2022 1:30 pm PST by
The macOS Monterey 12.2 and iOS 15.3 release candidates that came out today appear to address a Safari bug that could cause your recent browsing history and details about your identity to be leaked to malicious entities. As shared last week by browser fingerprinting service FingerprintJS, there is an issue with the WebKit implementation of the IndexedDB JavaScript API. Any website that uses...
apple college discounts

Apple Walks Back UNiDAYS Verification Requirement for U.S. Education Store

Friday January 21, 2022 12:43 pm PST by
Earlier this week, Apple began requiring that customers taking advantage of educational discounts in the United States verify their status as a teacher, student, or school staff member through UNiDAYS. The requirement was a major change as Apple had never asked customers to go through a verification process in the United States before, and now, just three days after verification was added,...