The discovery of a loophole that allows bypass the security feature Mac

Find out security researcher a way to bypass the security gate Gatekeeper for Mac, which is the loophole is still valid in the latest version of the operating system macOS 10.14.5 where the gate to the verification of all applications immediately downloaded.

This check prevents the app from running without the user’s consent. When the user downloads the application from outside the official App Store for the apps, tell the gate security checks of the code if it is compatible and licensed from the company, so that if not, it will not be open the app without getting directly authorized by the user.

A security researcher said in his blog that it is possible to override the function of the security gate completely, this means that it allows for any application in the device carrying out of the store to work without checking them or getting consent from the user, so that the hacker can excrete to send a file to the user, which in turn will download it without verified security, allowing to control by the attacker.

Says security researcher informed Apple of this bug in February 22 last, and that the company was supposed to address vulnerabilities in the version of macOS 10.14.5 which was launched last week. However, still this gap without an effective treatment, says a security researcher that the company stopped responding to emails.

Source: Filippo Cavallarin

Leave a Reply

Your email address will not be published. Required fields are marked *