Security researchers have shared details about a now-patched security flaw in Apple’s macOS operating system that could potentially be exploited to run malicious applications in a manner that bypasses Apple’s security measures.
The vulnerability is rooted in the built-in Archive Utility and “could allow the execution of an unsigned and unlisted application without showing security questions to the user, by using a specially crafted archive,” Apple device management company Jamf said in an analysis.
Apple described the bug as a logic issue that allowed an archive file to bypass Gatekeeper controls. Gatekeeper is designed to ensure that only trusted software runs on the operating system.
The security technology achieves this by verifying that the downloaded package comes from a legitimate developer and has been endorsed by Apple.
It’s also worth noting that archive files downloaded from the Internet are tagged with the extended attribute “com.apple.quarantine”.
The findings come more than 6 months after Apple addressed another very similar flaw in macOS Catalina, Big Sur 11.6.5, and Monterey 12.3 (CVE-2022-22616) that could allow a malicious ZIP archive to bypass Gatekeeper checks.