Set as Homepage - Add to Favorites

日韩欧美成人一区二区三区免费-日韩欧美成人免费中文字幕-日韩欧美成人免费观看-日韩欧美成人免-日韩欧美不卡一区-日韩欧美爱情中文字幕在线

【trang web xxx】Mac users, download macOS 11.3 now to fix major security flaw

The trang web xxxlatest version of Apple's macOS comes with more than just a slew of fancy new features.

Buried inside macOS 11.3, which was released Monday morning, is a patch that fixes a critical vulnerability that was actively being exploited. This means that, yes, hackers or criminals or governments around the world were using this previously unreported bug for their own malicious ends.

That's according to Patrick Wardle, creator of the Mac security website and tool suite Objective-See. In a blog post timed to coincide with the release of macOS 11.3, Wardle explains just how serious the now-patched vulnerability is.

"This bug trivially bypasses many core Apple security mechanisms, leaving Mac users at grave risk," he writes.

Worryingly, Wardle and Jamf, a company that makes Apple management software for enterprise customers, were able to detect real malware exploiting this bug in the wild.

We reached out to Apple to both confirm Wardle's report and that macOS 11.3 contains a patch for this specific vulnerability. An Apple spokesperson confirmed that the latest version of macOS does include a fix for the underlying issues.

Discovered and reportedby Cedric Owens, an offensive security researcher, the bug — a logic flaw — reportedly allows a bad actor to bypass Apple's File Quarantine and Notarization requirements. It also, according to Apple, allows malware to skip the display of the Gatekeeper dialogue box but not bypass XProtect, Gatekeeper's malware detection, itself.

Why is this such a big deal?

"When a user downloads and opens an app, a plug-in, or an installer package from outside the App Store, Gatekeeper verifies that the software is from an identified developer, is notarized by Apple to be free of known malicious content, and hasn’t been altered," explains an Apple support page. "Gatekeeper also requests user approval before opening downloaded software for the first time to make sure the user hasn’t been tricked into running executable code they believed to simply be a data file."

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Presumably, then, this bug allows malware to skip that latter part of the Gatekeeper process.

In other words, bad actors are able to use this exploit to render many of the protective measures your computer takes to ensure downloaded files aren't malware useless.

Wardle demonstrates what this looks like in practice with a quick proof-of-concept video. In the video, embedded below, he shows how a downloaded file — which, to the user, looks like a PDF file — launches the calculator app.

Mashable ImageSneaky. Credit: Patrick wardle

And while Mac users don't necessarily need to worry about their calculator apps, they should worry about supposed PDF files being able to launch random applications on their computers without a bunch of alarm bells going off.

A hacker, after all, won't be interested in simple addition and subtraction.

Instead, someone exploiting the vulnerability might be able to launch a hidden program that could be involved any number of worrisome activities — think ransomware, stealing credit card digits, or worse.

Wardle was quick to clarify that exploiting this bug requires a user to first click or download something. Still, that's only a partial assurance.

"The majority of Mac malware infections are a result of users (naively, or mistakenly) running something they should not," explained Wardle over direct message. "And while such infections, yes, do require user interaction, they are still massively successful. In fact the recently discovered Silver Sparrow malware, successfully infected over 30,000 Macs in a matter of weeks, even though such infections did require such user interactions."

Thankfully, macOS 11.3 contains a fix — a fact Wardle says he was able to verify by reverse-engineering the latest operating system. "And good news," writes Wardle on his blog, "once patched macOS users should regain full protection."

SEE ALSO: How to stop your cell provider from sharing (some of) your data

That's good news indeed.

So go ahead and download macOS 11.3, and rest easy knowing that at least this specific Mac security problem has been fixed. Don't, however, throw all caution to the wind — please still think twice before downloading random files from the internet.

Topics Apple Cybersecurity

0.1223s , 9999.8515625 kb

Copyright © 2025 Powered by 【trang web xxx】Mac users, download macOS 11.3 now to fix major security flaw,Public Opinion Flash  

Sitemap

Top 主站蜘蛛池模板: 国产成人尤物精品一区 | 丰满人妻熟妇乱又伦精品视 | 国产精品无码AV久久久 | 久久国产综合精品五月天 | 亚洲欧美丝袜精品久久 | 久久国产一区二区免费看 | 国产97人妻人人做人碰人人爽 | 国产绿帽绿奴一区二区 | 国产一区二区免费精品 | 久久久久人妻一区精品色欧美 | 国产在线观看首页123 | 久久无码精品一区二区三区不 | av蜜臀网站 | 日韩人妻精品一区二区三 | 久久久久久久精品免费看a片资源 | 久久国内精品自在自线 | 亚洲精品久久久一区 | av天堂永久资源网 | 免费一级欧美片片线观看 | 一区二区三区动漫成人在线观看 | 亚洲欧美精品天堂久久综合一区 | 国产人伦人妻精品一区二区 | 亚洲av无码精品五月花 | 国产一区二区三区高清在线观看 | 秋霞在线观看视频一区二区三区 | WWW亚洲精品少妇裸乳一区二区 | 国产一产二产三精华 | 国产一在线精品一区 | 欧美天堂久久 | 琪琪色原网20岁以下热热色原网站 | 欧美在线亚洲 | 麻豆一区二区99久久久久 | 99热国产这里只有精品无卡顿 | freesexvideos精品老师毛多 | chinese激烈高潮hd | 亚洲av永久无码精品一区二区国产 | 糙汉顶弄抽插HHHH | 涩涩资源中文字幕久久婷婷爱 | 久久久国产99久久国产一 | 自拍青草99视频 | 久久久久夜色精品波多野结衣 |