macOS Big Sur 11.4 Addresses Vulnerability That Could Let Attackers Take Secret Screenshots
macOS Big Sur 11.4, which was released this morning, addresses a zero-day vulnerability that could allow attackers to piggyback off of apps like Zoom, taking secret screenshots and surrepetiously recording the screen.
Jamf, a mobile device management company, today highlighted a security issue that allowed Privacy preferences to be bypassed, providing an attacker with Full Disk Access, Screen Recording, and other permissions without a user's consent.
The bypass was actively exploited in the wild, and was discovered by Jamf when analyzing XCSSET malware. The XCSSET malware has been out in the wild since 2020, but Jamf noticed an uptick in recent activity and discovered a new variant.
Once installed on a victim's system, the malware was used specifically for taking screenshots of the user's desktop with no additional permissions required. Jamf said that it could be used to bypass other permissions as well, as long as the donor application the malware piggybacked off of had that permission enabled.
Jamf has a full rundown on how the exploit worked, and the company says that Apple addressed the vulnerability in macOS Big Sur 11.4, Apple confirmed to TechCrunch that a fix has indeed been enabled in macOS 11.4, so Mac users should update their software as soon as possible.
Related Stories
Apple today seeded a second release candidate version of an upcoming macOS Big Sur 11.5 update to developers for testing purposes, with the new update coming one week after the release of the first RC version.
Developers can download the macOS Big Sur 11.5 beta using the Software Update mechanism in System Preferences after installing the proper profile from the Apple ...
Apple today seeded the fourth beta of an upcoming macOS Big Sur 11.5 update to developers for testing purposes, with the new beta coming two weeks after the release of the third macOS Big Sur 11.5 beta.
Developers can download the macOS Big Sur 11.5 beta using the Software Update mechanism in System Preferences after installing the proper profile from the Apple...
Apple today released unexpected iOS 14.7.1 and iPadOS 14.7.1 updates to the public, and according to a newly released support document, the software addresses a serious security vulnerability that may have been exploited in the wild.
Apple says that an application may have been able to execute arbitrary code with kernel privileges due to a memory corruption issue. "Apple is aware of a report ...
Apple today seeded the release candidate version of an upcoming macOS Big Sur 11.5 update to developers for testing purposes, with the new beta coming one week after the release of the fifth macOS Big Sur 11.5 beta.
Developers can download the macOS Big Sur 11.5 beta using the Software Update mechanism in System Preferences after installing the proper profile from the ...
Apple has released a new macOS Big Sur 11.5.2 update, delivering unspecified bug fixes for Mac users running the latest major operating system version. The update comes a little over two weeks after Apple released macOS 11.5.1.
The new macOS Big Sur 11.5.2 update can be downloaded for free on all eligible Macs using the Software Update section of System ...
Apple today released macOS Big Sur 11.6.1, a minor update to the macOS Big Sur operating system that first came out in November 2020. macOS Big Sur 11.6.1 comes roughly six weeks after the launch of macOS Big Sur 11.6.
The new macOS Big Sur 11.6.1 update can be downloaded to all eligible Macs using the Software Update section of System Preferences....
Apple today released macOS Big Sur 11.5.1, a minor bug fix update that comes close to one week after the launch of macOS Big Sur 11.5.
The new macOS Big Sur 11.5.1 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences.
According to Apple, macOS Big Sur 11.5.1 brings important security updates and is...
Apple today released macOS Big Sur 11.6, the sixth major update to the macOS Big Sur operating system that first launched in November 2020. macOS Big Sur 11.6 comes a month after the release of macOS Big Sur 11.5.2, a bug fix update.
The new macOS Big Sur 11.6 update can be downloaded all eligible Macs using the Software Update section of System Preferences.
...
Popular Stories
Apple today launched its annual "Back to School" promotion for college/university students in the United States and Canada. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad, rather than free AirPods like last year. Apple is also offering students 20% off AppleCare+ plans during the promotion.
Apple is offering a $150 gift card with the purchase ...
CEO Tim Cook this week did an interview with China Daily, where he once again commented on on the future of augmented reality and hinted at Apple's work on an AR/VR headset. Render via designer Ian Zelbo Cook said that Apple is excited about the opportunities available with augmented reality, which is not too far off from prior comments that he's made, but he went on to say that people should ...
The next-generation AirPods Pro could come with a long list of new features that include heart rate detection, the ability to function as a hearing aid, and a USB-C port according to a report from 52Audio.
The site claims that it has received new information on the AirPods Pro 2, and it has used that information to provide some renders on what the earbuds might look like. Design wise, there...
Apple today seeded the second betas of iOS 16 and iPadOS 16 to developers for testing purposes, and the new betas introduce new features and refine some of the changes that Apple made with the first iOS 16 release.
Subscribe to the MacRumors YouTube channel for more videos. Lock Screen Photo Wallpaper Customization
When customizing a photo on the Lock Screen, there are two new DuoTone and...
The iPad will no longer be able to be used as a home hub following the launch of iOS 16, iPadOS 16, macOS Ventura, and the HomePod 16 software this fall, Apple confirmed today.
As discovered in iOS 16 code by MacRumors contributor Steve Moser, Apple says that the iPad will no longer be supported as a home hub. This information will be displayed in the Home app after updating to iOS 16.A home ...
Apple is "likely" to announce its long-rumored mixed-reality headset as soon as January 2023, Apple analyst Ming-Chi Kuo has reiterated.
Concept render based on purported leaked information by Ian Zelbo In a detailed post on Medium, Kuo explained that Apple's headset will be a "game-changer" for the augmented-reality and virtual-reality market. Describing some of the headset's...
Top Rated Comments
PSA: The SSD disk write issues have been fixed in 11.4 which came out today. The person who found the issue in first place says it was a result of a kernel bug and he also says 11.4 addresses the issue.
Update to 11.4 if your on M1 macs.
Users on this thread also report lower disk writes on 11.4.
[MEDIA=twitter]1396374313591140357[/MEDIA]