
Microsoft helps Apple sort out a serious malware problem

on 02 June 2023


Been around since 2015, Apple didn't notice

Software King of the World Microsoft rushed to help save the fruity cargo cult Apple, which had been suffering from a serious security problem since 2015.

Jobs’ Mob had a security feature that allowed attackers to bypass macOS System Integrity Protection (SIP) and install “undeletable” malware while accessing private data on a Mac. Obviously, this feature was proof that Apple’s software designers were geniuses and ahead of their time, and soon everyone would follow them in designing security bugs like this one.

Fortunately for Apple, Vole spotted the vulnerability, which it nicknamed “Migraine”, presumably because it would give the Tame Apple Press a headache trying to explain.

It allows an attacker to perform arbitrary operations on a Mac, hide malicious files from all monitoring tools, and expand the scope of the malware to attack the system’s kernel.

The irony is that SIP was designed as a security mechanism for macOS that stops potential malware from changing folders and files by preventing applications from gaining root access to the operating system.

Microsoft found that SIP could be bypassed by exploiting a special entitlement designed by Apple that grants unrestricted root access to the macOS Migration Assistant tool, which helps users transfer data from a Mac or Windows PC to another Mac.

As the Migration Assistant Tool is usually only accessible during the setup process of a new user account, Microsoft altered the tool to run while the user was still logged in and without physical access to the Mac.

This alteration caused the app to crash, so security researchers ran Setup Assistant in debug mode, disregarding changes to the Migration Assistant Tool.

 

Last modified on 02 June 2023