Advertisement
If you haven’t updated your Mac to the latest version of Ventura, Monterey, or Big Sur, you should hurry to do so. A nasty new bug, patched in last week’s updates, could be used by an attacker to bypass Apple’s strict security protections and install malware on your Mac.
Discovered by Microsoft, the company posted on its security blog about the vulnerability, named Achilles. Essentially, Achilles uses a file format in macOS called AppleDouble, which includes access control lists with restrictive permissions, to trick Gatekeeper, a macOS feature that prevents the installation of malware. Bypassing Gatekeeper, software installation can proceed without alerting the user or any part of the system, even in locked mode. Microsoft notes that since Apple’s new Lockdown mode is “aimed at stopping zero-click remote code execution exploits,” it is vulnerable to Achilles’ heel.
Achilles is listed in the National Vulnerability Database as CVE-2022-42821 and was discovered by Microsoft in July. It’s common for vulnerability discoverers to post about their findings after patches are released. Microsoft released a proof-of-concept video for Achilles, which you can watch here.
According to Apple’s security notes when macOS Ventura was released in October, Achilles was fixed, however, the fix was not mentioned in the original version of the notes and was only added on December 13. Apple also fixed Achilles in macOS Monterey and Big Sur in updates released last week.
Gatekeeper was introduced in Mac OS X Mountain Lion in 2012, and several security holes have been patched over the years – Microsoft’s blog lists six recent vulnerabilities in addition to Achilles. While Gatekeeper is an important feature to protect your Mac, it’s not perfect, so this is another reason why it’s a good idea to install OS updates as soon as possible.
