Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update
Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data.
Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the latest version of Monterey are protected. Those who have not done so should update. Apple in its security release notes for the 12.1 update confirmed the TCC vulnerability and credited Microsoft with its discovery.
According to Microsoft, the "Powerdir" security flaw could allow a fake TCC database to be planted. TCC is a long running macOS function that lets users configure the privacy settings of their apps, and with the fake database, a malicious person could hijack an app installed on a Mac or install their own malicious app, accessing the microphone and camera to obtain sensitive info.
Microsoft has a detailed outline of how the vulnerability works, and the company says that its security researchers continue to "monitor the threat landscape" to discover new vulnerabilities and attacker techniques that affect macOS and other non-Windows devices.
"Software vendors like Apple, security researchers, and the larger security community, need to continuously work together to identify and fix vulnerabilities before attackers can take advantage of them," wrote Microsoft's security team.
Popular Stories
Apple is developing an all-new operating system codenamed "Charismatic," according to Bloomberg's Mark Gurman.
Apple smart home hub concept
This is likely Apple's long-rumored "homeOS" operating system.
In a report this week, Gurman said both Apple's rumored smart home hub in 2026 and tabletop robot in 2027 will run the new operating system. He said the software platform will blend...
Last week, Apple released and then pulled a software tool that accidentally contained identifiers for many unreleased devices and chips, according to MacRumors contributor Aaron Perris. His findings included new models of the Studio Display, Apple TV, Apple Watches, Apple Vision Pro, iPad mini, HomePod mini, and more.
Here is what was uncovered in the file, according to MacRumors contributor ...
The seventh developer beta of iOS 26 is now available. While we are now in the later stages of the iOS 26 beta cycle, there are still some changes.
Below, we outline everything new that we have found in iOS 26 beta 7 so far.
Redesigned Blood Oxygen Feature
The seventh developer betas of iOS 26 and watchOS 26 include a redesigned Blood Oxygen feature on Apple Watch Series 9, Apple Watch ...
Alleged images of the iPhone 17 Pro Max's internal design have surfaced, offering a potential look inside the device before it is announced by Apple next month.
The images were shared by the account "yeux1122" this week, in a blog post on the Korean platform Naver. The account aggregates Apple rumors and leaks, so it is likely not the original source of the images, and it is unclear if they...
Apple is expected to delay the launch of its base iPhone 18 model until spring 2027, marking a major shift in the company's long-established release cycle, according to South Korea's ETNews.
The report claims that Apple has informed some of its suppliers that the iPhone 18 will not be part of the September 2026 iPhone lineup. Instead, the company will unveil only higher-end models in the...
At least one new Apple Watch model launching next year will feature a "significant redesign," according to Taiwanese supply chain publication DigiTimes.
In a paywalled report this week, citing supply chain insiders, DigiTimes claimed that a high-end 2026 Apple Watch model will feature "exterior design" changes, including but not limited to "eight sensors arranged in a ring pattern visible...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
Apple made a major slip Wednesday when it accidentally included hardware identifiers in software code linking to numerous unannounced products.
The leaked information provided MacRumors with concrete evidence of Apple's hardware development across multiple product categories. Here's everything that was confirmed through the code discoveries:
New HomePod mini with updated chip – New...
