CySecurity News – Latest Information Security and Hacking Incidents
On January 11th, Microsoft disclosed a vulnerability in Apple’s macOS that might let an attacker to get unauthorised access to protected user data by circumventing the operating system’s Transparency, Consent, and Control (TCC) technology. On July 15, 2021, the Microsoft Security Vulnerability Research (MSVR) team disclosed its discovery to Apple’s product security team. In a security update released on December 13, Apple fixed CVE-2021-30970, dubbed “Powerdir.”
TCC is an Apple subsystem that was first introduced in macOS Mountain Lion in 2012. The technology was created to assist users in configuring the privacy settings of their device’s applications, such as access to the camera or microphone, or access to their calendar or iCloud account.
Previously, apps could directly access TCC databases to see and even edit their contents. Apple made two adjustments in response to the possibility of bypass. First, Apple used System Integrity Protection (SIP) to safeguard the system-wide TCC.db, a macOS feature that prohibits illegal code execution. Second, Apple implemented a TCC policy requiring that only apps with full disk access can access the TCC.db files.
The vulnerability discovered by Microsoft would allow attackers to circumvent this feature and start an attack on a macOS device. When an app asks for access to protected user data, one of two things can happen: If the app and request type have a record in the TCC databases, a flag in the database entry indicates whether the request should be allowed o
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: