Update to macOS 11.4 NOW - Someone Could Be Spying On You

Apple's recently released macOS Big Sur 11.4 update addresses a serious security vulnerability, so all users should complete the software update immediately.

macOS Big Sur Feature Blue
Jamf, a mobile device management company, raised a major security issue in ‌macOS Big Sur‌ that allowed attackers to piggyback apps like Zoom to surreptitiously take screenshots and record the screen. The exploit allowed a user's Privacy preferences to be bypassed, giving an attacker Full Disk Access, Screen Recording capability, and other permissions without consent.

The security bypass, which has apparently been actively used to attack users' systems, was discovered by Jamf when analyzing XCSSET malware. This malware targeted Mac developers by infecting Xcode projects so that it could be further spread through Github repositories to expand its reach. The XCSSET malware has been out in the wild since last year, but Jamf noticed a recent uptick in its activity and discovered this new permission-related variant.

jamf malware secret screenshots
Once installed on a victim's system, the malware can be used to take screenshots of the user's screen without the need for additional permissions. Jamf said that it could be used to bypass other permissions as well, as long as the donor application the malware piggybacked off of had that particular permission enabled.

Jamf has published a full rundown on how the exploit works, and the company says that Apple addressed the zero-day vulnerability in ‌macOS Big Sur‌ 11.4. Apple has since confirmed to TechCrunch that a fix has indeed been enacted in macOS 11.4, so Mac users should update their software as soon as possible to avoid being victimized.

Top Stories

First Look Big Sur Feature2

Apple Releases macOS Big Sur 11.2.1 With Fix for MacBook Pro Charging Issue [Updated]

Tuesday February 9, 2021 10:13 am PST by
Apple today released macOS Big Sur 11.2.1, the third update to the macOS Big Sur operating system that launched in November. macOS Big Sur‌ 11.2.1 comes a little over a week after the release of macOS 11.2. The new ‌‌‌macOS Big Sur‌‌ 11.2.1‌ update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. According to Apple's...
macOS Big Sur Feature Blue

Apple Seeds Sixth Beta of macOS Big Sur 11.3 to Developers [Update: Public Beta Available]

Wednesday March 31, 2021 10:03 am PDT by
Apple today seeded the sixth beta of an upcoming macOS Big Sur 11.3 update to developers for testing purposes, with the new beta coming one week after the launch of the fifth beta and more than a month after the release of macOS Big Sur 11.2, a bug fix update. Developers can download the ‌‌macOS Big Sur‌‌ 11.3 beta using the Software Update mechanism in System Preferences after...
macOS Big Sur Feature Triad

Apple Seeds Third Beta of macOS Big Sur 11.4 to Developers

Monday May 10, 2021 10:14 am PDT by
Apple today seeded the third beta of an upcoming macOS Big Sur 11.4 update to developers for testing purposes, with the new beta coming two weeks after the release of the second macOS Big Sur 11.4 beta. Developers can download the ‌‌‌macOS Big Sur‌‌‌ 11.4 beta using the Software Update mechanism in System Preferences after installing the proper profile from the Apple Developer...
macOS Big Sur Feature Purple

Apple Releases macOS Big Sur 11.3.1 With Fixes for WebKit Security Issues

Monday May 3, 2021 10:26 am PDT by
Alongside iOS 14.5.1 and watchOS 7.4.1, Apple today also released macOS Big Sur 11.3.1, which the company says "provides important security updates". According to the full security notes for the release, it addresses a memory corruption issue and an integer overflow in WebKit that could both be exploited using maliciously crafted web content. Apple says it aware of a report that these issues ...
First Look Big Sur Feature2

Apple Releases macOS Big Sur 11.2 With Bug Fixes for Bluetooth, External Displays, iCloud Drive, and More

Monday February 1, 2021 10:10 am PST by
Apple today released macOS Big Sur 11.2, the second major update to the macOS Big Sur operating system that launched in November. macOS Big Sur 11.2 comes more than a month after the release of macOS Big Sur 11.1. The new ‌‌macOS Big Sur‌ 11.2‌ update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. According to Apple's...
jamf malware secret screenshots

macOS Big Sur 11.4 Addresses Vulnerability That Could Let Attackers Take Secret Screenshots

Monday May 24, 2021 5:26 pm PDT by
macOS Big Sur 11.4, which was released this morning, addresses a zero-day vulnerability that could allow attackers to piggyback off of apps like Zoom, taking secret screenshots and surrepetiously recording the screen. Jamf, a mobile device management company, today highlighted a security issue that allowed Privacy preferences to be bypassed, providing an attacker with Full Disk Access,...
sudo bug macos

macOS Big Sur 11.2.1 Fixes Root Access Sudo Bug

Tuesday February 9, 2021 11:32 am PST by
The macOS Big Sur 11.2.1 update that Apple released today fixes a sudo security vulnerability that could allow an attacker to gain root access to a Mac. According to an Apple security support document, the bug, CVE-2021-3156, was addressed in the update by updating to sudo version 1.9.5p2. Apple has also fixed the bug in Supplemental Updates made available for macOS Catalina 10.15.7 and...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.4 With Apple Podcasts Subscription Support

Monday May 24, 2021 10:08 am PDT by
Apple today released macOS Big Sur 11.4, the fourth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur comes one month after the release of macOS Big Sur 11.3, an update that added M1 optimizations, AirTag integration, and more. The new ‌‌‌‌macOS Big Sur‌‌‌ 11.4 update can be downloaded for free on all eligible Macs using the...
sudo bug macos

Root Access Sudo Bug Found to Affect macOS Big Sur

Wednesday February 3, 2021 9:20 am PST by
A sudo bug that can grant an attacker root access has been discovered to affect macOS Big Sur (via ZDNet). The security vulnerability, identified last week as "CVE-2021-3156" by the Qualys Security Team, affects sudo, which is a program that allows users to run commands with the security privileges of another user, such as an administrator. The bug triggers a "heap overflow" in sudo that...
macOS Big Sur Feature Blue

Apple Seeds Second Beta of macOS Big Sur 11.5 to Developers

Wednesday June 2, 2021 10:09 am PDT by
Apple today seeded the second beta of an upcoming macOS Big Sur 11.5 update to developers for testing purposes, with the new beta coming two weeks after the release of the first macOS Big Sur 11.5 beta. Developers can download the ‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 beta using the Software Update mechanism in System Preferences after installing the proper profile from the Apple...