Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

by

Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data.

powerdir exploit microsoft
Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the latest version of Monterey are protected. Those who have not done so should update. Apple in its security release notes for the 12.1 update confirmed the TCC vulnerability and credited Microsoft with its discovery.

According to Microsoft, the "Powerdir" security flaw could allow a fake TCC database to be planted. TCC is a long running macOS function that lets users configure the privacy settings of their apps, and with the fake database, a malicious person could hijack an app installed on a Mac or install their own malicious app, accessing the microphone and camera to obtain sensitive info.

Microsoft has a detailed outline of how the vulnerability works, and the company says that its security researchers continue to "monitor the threat landscape" to discover new vulnerabilities and attacker techniques that affect macOS and other non-Windows devices.

"Software vendors like Apple, security researchers, and the larger security community, need to continuously work together to identify and fix vulnerabilities before attackers can take advantage of them," wrote Microsoft's security team.

Tags: Microsoft, Vulnerabiltiies
Related Forum: macOS Monterey

Popular Stories

iOS 26

iOS 26.1 Coming Soon: New Features for Your iPhone and Release Date

Monday October 27, 2025 7:55 am PDT by
The upcoming iOS 26.1 update includes a handful of new features and changes for iPhones, including a toggle for changing the appearance of the Liquid Glass design, "slide to stop" for alarms in the Clock app, and more. Below, we outline key details about iOS 26.1. Release Date Given that Apple has yet to seed an iOS 26.1 Release Candidate, which is typically the final beta version, the...
Read Full Article
maxresdefault

Apple TV 4K Could Still Launch Before 2025 Ends: All the Rumored Features

Monday October 27, 2025 4:51 pm PDT by
Apple is designing an updated version of the Apple TV 4K, and rumors suggest that it could come out sometime in the next couple of months. We're not expecting a major overhaul with design changes, but even a simple chip upgrade will bring major improvements to Apple's set-top box. Subscribe to the MacRumors YouTube channel for more videos. We've rounded up all the latest Apple TV rumors. ...
Read Full Article154 comments
iOS 26

6 New Things Your iPhone Can Do in iOS 26.1

Wednesday October 29, 2025 4:22 am PDT by
Apple is about to drop iOS 26.1, the first major point release since iOS 26 was rolled out in September, and there are at least six notable changes and improvements to look forward to. We've rounded them up below. Apple has already provided developers and public beta testers with the release candidate version of iOS 26.1, which means Apple will likely roll out the update to all compatible...
Read Full Article56 comments
M6 MacBook Pro Feature 1

M6 MacBook Pro: Release Date, Pricing, and What to Expect

Monday October 27, 2025 9:15 am PDT by
Apple this month refreshed the 14-inch MacBook Pro base model with its new M5 chip, and higher-end 14-inch and 16-inch MacBook Pro models with M5 Pro and M5 Max chips are expected to follow in early 2026. However, these machines will represent the final update to the current design, with Apple reportedly developing a completely new version of the MacBook Pro packed with next-generation hardware...
Read Full Article145 comments
iOS 26

Apple Seeds iOS 26.1, iPadOS 26.1, and macOS Tahoe 26.1 Release Candidates

Tuesday October 28, 2025 1:07 pm PDT by
Apple today provided developers and public beta testers with the release candidate versions of upcoming iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, watchOS 26.1, and visionOS 26.1 updates for testing purposes. The RCs betas come a week after Apple released the fourth betas. The new betas can be downloaded from the Settings app on a compatible device by going to General > Software...
Read Full Article59 comments
iOS 26 Battery Glass Feature

iOS 26.1 Beta Liquid Glass Battery Drain Test: Tinted vs Clear Mode

Friday October 24, 2025 2:30 pm PDT by
In the fourth iOS 26.1 beta, Apple added a "Tinted" option that reduces the translucency of Liquid Glass for those who prefer a more opaque look. I saw some comments wondering whether the setting might preserve battery life, so I thought I'd do some testing. Test Settings I did four separate tests using the iPhone 17 Pro Max, and I kept the parameters as similar as possible. Here are the...
Read Full Article109 comments
ios 26 digital id passport wallet

Apple Says U.S. Passport Feature on iPhone is Coming Soon

Monday October 27, 2025 7:41 am PDT by
You will "soon" be able to add a digital version of your U.S. passport to your iPhone, according to Jennifer Bailey, vice president of Apple Pay and Apple Wallet. Bailey reiterated that the feature is coming soon during her keynote at the Money20/20 USA conference in Las Vegas on Sunday. On its iOS 26 page, Apple says the delayed feature will be "coming later this year." Apple's...
Read Full Article57 comments
macos tahoe

Here Are Apple's Release Notes for macOS Tahoe 26.1

Tuesday October 28, 2025 1:21 pm PDT by
Apple today provided developers and public beta testers with the release candidate version of macOS Tahoe 26.1, which means the update will likely see a public launch next week. The release candidate includes notes on what's in the update, so we have a full picture of the new features that Apple has included. macOS Tahoe 26.1 adds AutoMix support over AirPlay, improved FaceTime audio...
Read Full Article63 comments
All Screen iPhone 2027 Feature 1

iPhone XX? 6 Features Rumored for Apple's 20th Anniversary iPhone

Monday October 27, 2025 4:01 pm PDT by
For the 10th anniversary iPhone that came out in 2017, Apple introduced the iPhone X with Face ID, notch, and minimized bezels, providing more display space than ever before. The 20th iPhone anniversary is approaching and Apple wants to take the iPhone X design even further. We're two years away from the 2027 iPhone, but it's tough for Apple to keep major changes under wraps. We've rounded...
Read Full Article86 comments

Top Rated Comments

JosephAW Avatar
JosephAW
50 months ago
Wondering if we’ll get a security update on older MacOS:rolleyes:
Score: 17 Votes (Like | Disagree)
B4U Avatar
B4U
50 months ago
Considering Mojave is the last Mac OS that supports 32 bit apps, hopefully they will backport this fix to that OS as well.
Apple can do a better job of letting us know when an OS is actually no longer supported.
Score: 14 Votes (Like | Disagree)
MacNerd01 Avatar
MacNerd01
50 months ago

I'm confused. We like Microsoft and Google now? They're now our friends? :p
Just because this is an apple-focused site doesn’t mean we hate other companies.
Score: 11 Votes (Like | Disagree)
Stella Avatar
Stella
50 months ago

Shouldn’t MSFT focus on finding and addressing their own security holes?
Microsoft are large enough to do both, and more.
Score: 10 Votes (Like | Disagree)
kobaltz Avatar
kobaltz
50 months ago

Wondering if we’ll get a security update on older MacOS:rolleyes:
From the CVE
[TABLE]
[TR]
[TD]
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, macOS Big Sur 11.6.2. A malicious application may be able to bypass Privacy preferences.[/TD]
[/TR]
[/TABLE]

So, it was back ported to Big Sur, but I dunno about Catalina or others.
Score: 10 Votes (Like | Disagree)
NightFox Avatar
NightFox
50 months ago

Shouldn’t MSFT focus on finding and addressing their own security holes?
They do, but they also have the Defender 365 Research Team who purely assess third party products like this.
Score: 8 Votes (Like | Disagree)
Read All Comments