macOS 11.3 Patches Security Vulnerability That Bypassed Built-In Malware Protections

Apple today confirmed to TechCrunch that the just-released macOS 11.3 software update patches a security vulnerability that reportedly could have allowed a hacker to remotely access a user's sensitive data by tricking a user into opening a spoofed document.

apple security banner
"All the user would need to do is double click — and no macOS prompts or warnings are generated," said security researcher Cedric Owens, who discovered the vulnerability in mid-March, according to the report. Owens developed a proof-of-concept app masquerading as a harmless document that exploits the bug to launch the Calculator app, but he said the vulnerability could be exploited for more nefarious purposes.

According to security researcher Patrick Wardle, the vulnerability was the result of a logic bug in macOS's underlying code.

"In simple terms, macOS apps aren't a single file but a bundle of different files that the app needs to work, including a property list file that tells the application where the files it depends on are located," explains TechCrunch. "But Owens found that taking out this property file and building the bundle with a particular structure could trick macOS into opening the bundle — and running the code inside — without triggering any warnings."

In addition to fixing the bug in macOS 11.3, Apple told TechCrunch it patched earlier macOS versions to prevent abuse, and updated macOS's built-in anti-malware system XProtect to block malware from exploiting the vulnerability. The report says the bug was exploited for months, but it's unclear how many users were impacted.

Top Rated Comments

LV426 Avatar
14 months ago

Apple is definitely protecting the consumers.
Well, Apple definitely wasn’t protecting customers when they introduced this vulnerability.

There‘s a good write up of the disastrous security flaw here ('https://objective-see.com/blog/blog_0x64.html').
Score: 3 Votes (Like | Disagree)
TheYayAreaLiving ? Avatar
14 months ago
Apple is definitely protecting the consumers.
Score: 3 Votes (Like | Disagree)
Ethosik Avatar
14 months ago

This is why the Mac App Store should remain closed, walled and protected... oh, wait...
And the solution is to......remove the store and protected systems in place? There will always be bad things that slip through. The only....ONLY way to achieve 100% secure system is if the Apple App Review process takes months. Have Apple developers look through your code and REALLY test it. But would developers like this?

There are still murders, robberies, other criminal acts. Does that mean the police does nothing?
Score: 3 Votes (Like | Disagree)
RedTheReader Avatar
14 months ago

In simple terms, macOS apps aren't a single file but a bundle of different files that the app needs to work,
Everything Is a File™
Score: 2 Votes (Like | Disagree)
MauiPa Avatar
14 months ago
"The report says the bug was exploited for months, but it's unclear how many users were impacted." What report? A report is not mentioned in the article.
Score: 2 Votes (Like | Disagree)
lkrupp Avatar
14 months ago
Security updates for Mojave and Catalina out now that patch the same security issues.
Score: 2 Votes (Like | Disagree)

Related Stories

General Dropbox Feature

Apple Confirms macOS 12.3 Deprecates Kernel Extensions Used by Dropbox and OneDrive

Thursday January 27, 2022 11:29 am PST by
Apple today seeded the first beta of macOS 12.3 to developers for testing. In the release notes for the update, Apple confirms that it has deprecated kernel extensions used by Dropbox and Microsoft OneDrive and notes that both cloud storage services have replacements for the functionality currently in beta. Earlier this week, Dropbox announced that users who update to macOS 12.3 may...
appleprivacyad cleaned

iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Thursday January 20, 2022 3:32 am PST by
Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update. With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of...
iPhone 13 Security

Researcher Says Apple Ignored Three Zero-Day Security Vulnerabilities Still Present in iOS 15

Friday September 24, 2021 10:42 am PDT by
In 2019, Apple opened its Security Bounty Program to the public, offering payouts up to $1 million to researchers who share critical iOS, iPadOS, macOS, tvOS, or watchOS security vulnerabilities with Apple, including the techniques used to exploit them. The program is designed to help Apple keep its software platforms as safe as possible. In the time since, reports have surfaced indicating...
macOS Monterey on MBP Feature

Apple Warns macOS Catalina Users About Installing macOS 12.3 Beta on Volume With FileVault Enabled

Saturday January 29, 2022 8:40 am PST by
Apple today updated its macOS 12.3 beta release notes to warn macOS Catalina users about a potential boot loop issue when installing the macOS 12.3 or macOS 11.6.4 betas on a separate APFS volume with FileVault enabled. "If your Mac currently has macOS Catalina installed, installing macOS Monterey 12.3 beta or macOS Big Sur 11.6.4 beta on a volume with FileVault enabled might cause a boot...
macOS Monterey Python

Apple Finally Removing Python 2 in macOS 12.3

Friday January 28, 2022 6:26 am PST by
Apple will no longer bundle Python 2.7 with macOS 12.3, according to developer release notes for the upcoming software update. Python 2 has not been supported since January 1, 2020 and no longer receives any bug fixes, security patches, or other changes. Apple says that developers should use an alternative scripting language going forward, such as Python 3, but it's worth noting that Python...
macOS Monterey on MBP Feature

Apple Releases macOS Monterey 12.2 With Safari Vulnerability Fix

Wednesday January 26, 2022 10:19 am PST by
Apple today released macOS Monterey 12.2, the second major update to the macOS Monterey update that launched in October. macOS Monterey 12.2 comes over a month after the release of the 12.1 update, which brought SharePlay support. The ‌‌‌macOS Monterey 12.2‌‌ update can be downloaded on all eligible Macs using the Software Update section of System Preferences. Apple has also...
safari icon blue banner

macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity

Thursday January 20, 2022 1:30 pm PST by
The macOS Monterey 12.2 and iOS 15.3 release candidates that came out today appear to address a Safari bug that could cause your recent browsing history and details about your identity to be leaked to malicious entities. As shared last week by browser fingerprinting service FingerprintJS, there is an issue with the WebKit implementation of the IndexedDB JavaScript API. Any website that uses...
iPhone 13 Security

Apple Apologizes to Researcher for Ignoring iOS Vulnerabilities, Says It's 'Still Investigating'

Monday September 27, 2021 12:55 pm PDT by
Last week, security researcher Denis Tokarev made several zero-day iOS vulnerabilities public after he said that Apple had ignored his reports and had failed to fix the issues for several months. Tokarev today told Motherboard that Apple got in touch after he went public with his complaints and after they saw significant media attention. In an email, Apple apologized for the contact delay...

Popular Stories

maxresdefault

Unbox Therapy Shares Hands-On Look at iPhone 14 Pro Max Replica

Monday May 16, 2022 4:40 am PDT by
YouTuber Unbox Therapy has shared a hands-on look at the iPhone 14 Pro Max using what he claims is a one-to-one replica created by third-party case makers with access to detailed schematics and dimensions for Apple's new upcoming flagship smartphone. As with the iPhone 13 Pro lineup, in 2022, we are expecting a 6.1-inch iPhone 14 Pro and a 6.7-inch iPhone 14 Pro Max, but this time the Pro...
macOS Monterey 2

Apple Releases macOS Monterey 12.4 With Support for Studio Display Webcam Update

Monday May 16, 2022 10:10 am PDT by
Apple today released macOS Monterey 12.4, the fourth major update to the macOS Monterey operating system that launched in October 2021. macOS Monterey 12.4 comes over two months after the launch of macOS Monterey 12.3, an update that added Universal Control. The ‌‌‌‌‌macOS Monterey‌‌ 12.4 update can be downloaded on all eligible Macs using the Software Update section of System...
iOS 15

Apple Releases iOS 15.5 and iPadOS 15.5 With Wallet and Podcast Updates

Monday May 16, 2022 10:00 am PDT by
Apple today released iOS 15.5 and iPadOS 15.5, the fifth major updates to the iOS and iPadOS 15 operating systems that were initially released in September 2021. iOS and iPadOS 15.5 come a little over two months after the launch of iOS 15.4 and iPadOS 15.4. The iOS 15.5 and iPadOS 15.5 updates can be downloaded for free and the software is available on all eligible devices over-the-air in...
iOS 16 mock for article

Gurman: iOS 16 to Include New Ways of System Interaction and 'Fresh Apple Apps'

Sunday May 15, 2022 6:14 am PDT by
iOS 16 will include new ways of interacting with the system and some "fresh Apple apps," Bloomberg's Mark Gurman has said, offering some more detail on what Apple has in store for the upcoming release of iOS and iPadOS set to be announced in a few weeks at WWDC. In the latest edition of his Power On newsletter, Gurman wrote that while iOS 16 is not likely to introduce a major face-lift to...
Prosser Series 8 3

Apple Watch Series 8 Rumored to Feature New Design With Flat Display

Wednesday May 18, 2022 6:21 am PDT by
The Apple Watch Series 8 could feature an all-new design with a flat display, according to the leaker known as "ShrimpApplePro." In his latest video on the YouTube channel Front Page Tech, Jon Prosser highlighted information from ShrimpApplePro that suggests the Apple Watch Series 8 could feature a flat display in what seems to be a design originally rumored for the Apple Watch Series 7. ...
Whatsapp Feature

WhatsApp to Let Users Leave Group Chats 'Silently' and View Rich Link Previews in Status Updates

Tuesday May 17, 2022 3:07 am PDT by
WhatsApp is working on a new feature that will allow users to "silently" leave group chats hosted by the messaging platform instead of all members of the group being notified when they do. As it stands, when someone leaves a group chat, WhatsApp announces their exit to the entire group, making the act of leaving very public. It's not possible right now to leave a group quietly, but WhatsApp...
apple tv 4k design green

Apple Releases tvOS 15.5 for Apple TV HD and Apple TV 4K

Monday May 16, 2022 9:57 am PDT by
Apple today released tvOS 15.5, the fifth major update to the tvOS operating system that first launched in September 2021. tvOS 15.5 comes more than two months after the release of tvOS 15.4, an update that brought support for captive WiFi networks. tvOS 15.5 can be downloaded over the air on the Apple TV through the Settings app by going to System > Software Update. ‌‌‌‌‌‌Apple...