marry 15.01.2025, 09:30 AM
macOS System Integrity Protection (SIP) is critical to protecting Apple’s operating system from malware and other threats. SIP imposes restrictions on system-level operations, even for users with root privileges.
Microsoft Threat Intelligence discovered a vulnerability, CVE-2024-44243, that could be used to bypass SIP, allowing third-party kernel extensions to be loaded and resulting in serious security implications for users.
Bypassing SIP affects the entire macOS operating system and can lead to the installation of malware or rootkits, bypassing the macOS Transparency, Consent, and Control (TCC) framework. TCC prevents applications from accessing user’s personal data, such as location, search history, camera, microphone or others, without user’s consent and circumvention may lead to compromise of private data. In addition to the above, this vulnerability could allow attackers to disable or modify security tools.
Microsoft and security researcher Mickey Jean informed Apple about this discovery, after which the company released a patch for the vulnerability in December 2024. Users should update their systems to avoid risks.
Microsoft researchers previously found a technique that removes TCC protection for the directory of Apple’s Safari web browser, and Apple released a patch for this vulnerability on September 16 last year.
Photo: dlxmedia.hu | Unsplash
Source: www.informacija.rs
