Now patched, a flaw exists in Apple macOS that allows attackers with root access to bypass security enforcements and perform arbitrary actions on affected devices.
The problem arises from a flaw in systemmigrationd, a daemon used to handle device transfer.
It enables any of its child processes, including bash and perl, to bypass SecureIP checks.
Following responsible disclosure, the vulnerability was addressed by Apple as part of updates shipped on May 18, 2023.
The implications of arbitrary SIP bypasses are serious, as the potential for malware authors is significant.
Microsoft has shared details of a now-patched flaw inApple macOS that could be abused by threat actors with root control.
The most straight-forward implication of this sIP bypass is that an attacker can create files that are protected by SIP and therefore undeletable by ordinary means, the researchers Jonathan Bar Or, Michael Pearse, and Anurag Bohra said.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply