Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

by

Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data.

powerdir exploit microsoft
Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the latest version of Monterey are protected. Those who have not done so should update. Apple in its security release notes for the 12.1 update confirmed the TCC vulnerability and credited Microsoft with its discovery.

According to Microsoft, the "Powerdir" security flaw could allow a fake TCC database to be planted. TCC is a long running macOS function that lets users configure the privacy settings of their apps, and with the fake database, a malicious person could hijack an app installed on a Mac or install their own malicious app, accessing the microphone and camera to obtain sensitive info.

Microsoft has a detailed outline of how the vulnerability works, and the company says that its security researchers continue to "monitor the threat landscape" to discover new vulnerabilities and attacker techniques that affect macOS and other non-Windows devices.

"Software vendors like Apple, security researchers, and the larger security community, need to continuously work together to identify and fix vulnerabilities before attackers can take advantage of them," wrote Microsoft's security team.

Tags: Microsoft, Vulnerabiltiies
Related Forum: macOS Monterey

Popular Stories

maxresdefault

Where's the New Apple TV?

Monday December 22, 2025 11:30 am PST by
Apple hasn't updated the Apple TV 4K since 2022, and 2025 was supposed to be the year that we got a refresh. There were rumors suggesting Apple would release the new Apple TV before the end of 2025, but it looks like that's not going to happen now. Subscribe to the MacRumors YouTube channel for more videos. Bloomberg's Mark Gurman said several times across 2024 and 2025 that Apple would...
Read Full Article184 comments
Apple Wallet ID Illinois

Apple Plans to Expand iPhone Driver's Licenses to These 7 U.S. States

Wednesday December 24, 2025 8:40 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. The feature is currently available in 13 U.S. states and Puerto Rico, and it is expected to launch in at least seven more in the future. To set up the...
Read Full Article71 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Launching Next Year With These 12 New Features

Tuesday December 23, 2025 8:36 am PST by
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for another nine months, there are already plenty of rumors about the devices. Below, we have recapped 12 features rumored for the iPhone 18 Pro models. The same overall design is expected, with 6.3-inch and 6.9-inch display sizes, and a "plateau" housing three rear cameras Under-screen Face ID Front camera in...
Read Full Article100 comments
iOS 26

iOS 26.2 Adds These 8 New Features to Your iPhone

Monday December 22, 2025 8:47 am PST by
Earlier this month, Apple released iOS 26.2, following more than a month of beta testing. It is a big update, with many new features and changes for iPhones. iOS 26.2 adds a Liquid Glass slider for the Lock Screen's clock, offline lyrics in Apple Music, and more. Below, we have highlighted a total of eight new features. Liquid Glass Slider on Lock Screen A new slider in the Lock...
Read Full Article
airpods color prototypes

Apple Tested AirPods in Bright Colors

Saturday December 27, 2025 6:06 am PST by
Apple reportedly tested a version of the first-generation AirPods with bright, iPhone 5c-like colored charging cases. The images, shared by the Apple leaker and prototype collector known as "Kosutami," claim to show first-generation AirPods prototypes with pink and yellow exterior casings. The interior of the charging case and the earbuds themselves remain white. They seem close to some...
Read Full Article81 comments
maxresdefault

10 Mac Apps Worth Trying in 2026

Wednesday December 24, 2025 9:27 am PST by
2026 is almost upon us, and a new year is a good time to try out some new apps. We've rounded up 10 excellent Mac apps that are worth checking out. Subscribe to the MacRumors YouTube channel for more videos. Alt-Tab (Free) - Alt-Tab brings a Windows-style alt + tab thumbnail preview option to the Mac. You can see a full window preview of open apps and app windows. One Thing (Free) -...
Read Full Article101 comments
top stories 2025 12 27

Top Stories: iPhone Fold Mockup, Where's the New Apple TV?, and More

Saturday December 27, 2025 6:00 am PST by
Merry Christmas and Happy Holidays from MacRumors! News in the Apple world has unsurprisingly been relatively slow over the past week, but Apple's upcoming foldable iPhone managed to make its way back into the news, while we also shared updates on current and future Apple TV news. iOS 26.3 will be bringing some new features, particularly for users in the EU, so we'll look for additional...
Read Full Article17 comments

Top Rated Comments

JosephAW Avatar
JosephAW
52 months ago
Wondering if we’ll get a security update on older MacOS:rolleyes:
Score: 17 Votes (Like | Disagree)
B4U Avatar
B4U
52 months ago
Considering Mojave is the last Mac OS that supports 32 bit apps, hopefully they will backport this fix to that OS as well.
Apple can do a better job of letting us know when an OS is actually no longer supported.
Score: 14 Votes (Like | Disagree)
MacNerd01 Avatar
MacNerd01
52 months ago

I'm confused. We like Microsoft and Google now? They're now our friends? :p
Just because this is an apple-focused site doesn’t mean we hate other companies.
Score: 11 Votes (Like | Disagree)
Stella Avatar
Stella
52 months ago

Shouldn’t MSFT focus on finding and addressing their own security holes?
Microsoft are large enough to do both, and more.
Score: 10 Votes (Like | Disagree)
kobaltz Avatar
kobaltz
52 months ago

Wondering if we’ll get a security update on older MacOS:rolleyes:
From the CVE
[TABLE]
[TR]
[TD]
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, macOS Big Sur 11.6.2. A malicious application may be able to bypass Privacy preferences.[/TD]
[/TR]
[/TABLE]

So, it was back ported to Big Sur, but I dunno about Catalina or others.
Score: 10 Votes (Like | Disagree)
NightFox Avatar
NightFox
52 months ago

Shouldn’t MSFT focus on finding and addressing their own security holes?
They do, but they also have the Defender 365 Research Team who purely assess third party products like this.
Score: 8 Votes (Like | Disagree)
Read All Comments