According to security researchers Cedric Owens and Patrick Wardle, hackers exploited a major macOS software bug that enabled them to bypass core Apple security checks, putting Mac users at risk.
Owens noted that the bug allowed him to create a malicious app that looked like a harmless file, allowing him to circumvent macOS’ built-in security mechanisms when it was opened.
Owens added that all a user has to do is download the payload in the form of a ‘.dmg’ or ‘.zip’ file. The payload executes quietly, without any warning, once the victim double-clicks the malicious file.
He had identified the bug and reported it to Apple, which has since fixed it in macOS 11.3. To prevent any security risks, Owens advised all users to upgrade to Big Sur 11.3 as soon as possible.
In a blog post, Mac security researcher Patrick Wardle explained how and why the bug works. He stated that it was possible to build a malicious app without being notarized due to a subtle logic bug in Apple’s policy engine. Also, because of Apple’s app review process, the app was able to launch without any warnings or notifications.
Wardle observed that the seemingly innocuous PDF document could launch the Calculator app and perform other tasks without notarization. He also noted that the bug was likely introduced by the new notarization logic added in macOS 10.15, implying that Apple’s attempt to secure macOS backfired.