Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data.

powerdir exploit microsoft
Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the latest version of Monterey are protected. Those who have not done so should update. Apple in its security release notes for the 12.1 update confirmed the TCC vulnerability and credited Microsoft with its discovery.

According to Microsoft, the "Powerdir" security flaw could allow a fake TCC database to be planted. TCC is a long running macOS function that lets users configure the privacy settings of their apps, and with the fake database, a malicious person could hijack an app installed on a Mac or install their own malicious app, accessing the microphone and camera to obtain sensitive info.

Microsoft has a detailed outline of how the vulnerability works, and the company says that its security researchers continue to "monitor the threat landscape" to discover new vulnerabilities and attacker techniques that affect macOS and other non-Windows devices.

"Software vendors like Apple, security researchers, and the larger security community, need to continuously work together to identify and fix vulnerabilities before attackers can take advantage of them," wrote Microsoft's security team.

Related Forum: macOS Monterey

Popular Stories

iPhone 17 Pro Colors

Apple Announces iPhone 17 Pro and Pro Max With New Design, Larger Battery, and More

Tuesday September 9, 2025 10:59 am PDT by
Apple today introduced the iPhone 17 Pro and iPhone 17 Pro Max. Both devices feature a new aluminum unibody design, with the Ceramic Shield now protecting both the front and back sides. Apple says the front side is now Ceramic Shield 2, which offers 3x better scratch resistance, while the rear Ceramic Shield is advertised as 4x more resistant to cracks compared to the back glass on previous...
iPhone 17 Pro Dark Blue and Orange

iPhone 17 and iPhone 17 Pro: Release Date and Pre-Orders

Monday September 8, 2025 11:30 am PDT by
Apple will be holding its annual iPhone event on Tuesday, September 9, to unveil the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max. Assuming that Apple sticks to its familiar pattern, the iPhone 17 series should be available to pre-order starting Friday, September 12 at 5 a.m. Pacific Time / 8 a.m. Eastern Time. The release date for the devices should be one week later, on Fr...
Awe Dropping MR Live Coverage Article

Apple Event Live Blog: iPhone 17, iPhone Air, New Apple Watches, and AirPods Pro 3

Tuesday September 9, 2025 8:55 am PDT by
Apple's "Awe Dropping" event kicks off today at 10:00 a.m. Pacific Time, where we're expecting to see the iPhone 17 lineup, several updated Apple Watch models, and the third-generation AirPods Pro unveiled, and perhaps some other announcements. Apple is providing a live video stream on its website, on YouTube, and in the company's TV app across various platforms. We will also be updating...
airpods pro 2

Two Versions of AirPods Pro 3 Coming With These Differences

Monday September 8, 2025 4:51 am PDT by
Apple is preparing to launch two versions of the AirPods Pro 3 over 2025 and 2026, according to a Weibo leaker. Yesterday, supply chain analyst Ming-Chi Kuo reported that Apple is planning to debut the AirPods Pro 3 this year. They could arrive as soon as this week at Apple's "Awe dropping" event. Crucially, Kuo added that Apple is planning to introduce a successor to this year's AirPods ...
iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

New iPhone 17 Pro Details: Brighter Display, Best Battery Life, and More

Wednesday September 3, 2025 5:33 am PDT by
Apple's iPhone 17 Pro and iPhone 17 Pro Max models will feature a number of significant display, thermal, and battery improvements, according to new late-stage rumors. According to the Weibo leaker known as "Instant Digital," the iPhone 17 Pro models will feature displays with higher brightness, making it more suitable for use in direct sunlight for prolonged periods. The iPhone 16 Pro and...
iphone air

Apple Announces iPhone Air With Ultra-Thin Design

Tuesday September 9, 2025 10:45 am PDT by
Apple today unveiled the iPhone Air, an all-new kind of iPhone featuring an ultra-thin design. The iPhone Air is just 5.6mm thick, making it the thinnest iPhone ever. The frame is made of titanium with a polished mirror finish. The device features Ceramic Shield 2 with 3x better scratch resistance and 4x better crack resistance, on both sides of the device for the first time. Apple says that ...

Top Rated Comments

JosephAW Avatar
48 months ago
Wondering if we’ll get a security update on older MacOS:rolleyes:
Score: 17 Votes (Like | Disagree)
B4U Avatar
48 months ago
Considering Mojave is the last Mac OS that supports 32 bit apps, hopefully they will backport this fix to that OS as well.
Apple can do a better job of letting us know when an OS is actually no longer supported.
Score: 14 Votes (Like | Disagree)
MacNerd01 Avatar
48 months ago

I'm confused. We like Microsoft and Google now? They're now our friends? :p
Just because this is an apple-focused site doesn’t mean we hate other companies.
Score: 11 Votes (Like | Disagree)
Stella Avatar
48 months ago

Shouldn’t MSFT focus on finding and addressing their own security holes?
Microsoft are large enough to do both, and more.
Score: 10 Votes (Like | Disagree)
kobaltz Avatar
48 months ago

Wondering if we’ll get a security update on older MacOS:rolleyes:
From the CVE
[TABLE]
[TR]
[TD]
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, macOS Big Sur 11.6.2. A malicious application may be able to bypass Privacy preferences.[/TD]
[/TR]
[/TABLE]

So, it was back ported to Big Sur, but I dunno about Catalina or others.
Score: 10 Votes (Like | Disagree)
NightFox Avatar
48 months ago

Shouldn’t MSFT focus on finding and addressing their own security holes?
They do, but they also have the Defender 365 Research Team who purely assess third party products like this.
Score: 8 Votes (Like | Disagree)