Set as Homepage - Add to Favorites

日韩欧美成人一区二区三区免费-日韩欧美成人免费中文字幕-日韩欧美成人免费观看-日韩欧美成人免-日韩欧美不卡一区-日韩欧美爱情中文字幕在线

【trang web xxx】Mac users, download macOS 11.3 now to fix major security flaw

The trang web xxxlatest version of Apple's macOS comes with more than just a slew of fancy new features.

Buried inside macOS 11.3, which was released Monday morning, is a patch that fixes a critical vulnerability that was actively being exploited. This means that, yes, hackers or criminals or governments around the world were using this previously unreported bug for their own malicious ends.

That's according to Patrick Wardle, creator of the Mac security website and tool suite Objective-See. In a blog post timed to coincide with the release of macOS 11.3, Wardle explains just how serious the now-patched vulnerability is.

"This bug trivially bypasses many core Apple security mechanisms, leaving Mac users at grave risk," he writes.

Worryingly, Wardle and Jamf, a company that makes Apple management software for enterprise customers, were able to detect real malware exploiting this bug in the wild.

We reached out to Apple to both confirm Wardle's report and that macOS 11.3 contains a patch for this specific vulnerability. An Apple spokesperson confirmed that the latest version of macOS does include a fix for the underlying issues.

Discovered and reportedby Cedric Owens, an offensive security researcher, the bug — a logic flaw — reportedly allows a bad actor to bypass Apple's File Quarantine and Notarization requirements. It also, according to Apple, allows malware to skip the display of the Gatekeeper dialogue box but not bypass XProtect, Gatekeeper's malware detection, itself.

Why is this such a big deal?

"When a user downloads and opens an app, a plug-in, or an installer package from outside the App Store, Gatekeeper verifies that the software is from an identified developer, is notarized by Apple to be free of known malicious content, and hasn’t been altered," explains an Apple support page. "Gatekeeper also requests user approval before opening downloaded software for the first time to make sure the user hasn’t been tricked into running executable code they believed to simply be a data file."

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Presumably, then, this bug allows malware to skip that latter part of the Gatekeeper process.

In other words, bad actors are able to use this exploit to render many of the protective measures your computer takes to ensure downloaded files aren't malware useless.

Wardle demonstrates what this looks like in practice with a quick proof-of-concept video. In the video, embedded below, he shows how a downloaded file — which, to the user, looks like a PDF file — launches the calculator app.

Mashable ImageSneaky. Credit: Patrick wardle

And while Mac users don't necessarily need to worry about their calculator apps, they should worry about supposed PDF files being able to launch random applications on their computers without a bunch of alarm bells going off.

A hacker, after all, won't be interested in simple addition and subtraction.

Instead, someone exploiting the vulnerability might be able to launch a hidden program that could be involved any number of worrisome activities — think ransomware, stealing credit card digits, or worse.

Wardle was quick to clarify that exploiting this bug requires a user to first click or download something. Still, that's only a partial assurance.

"The majority of Mac malware infections are a result of users (naively, or mistakenly) running something they should not," explained Wardle over direct message. "And while such infections, yes, do require user interaction, they are still massively successful. In fact the recently discovered Silver Sparrow malware, successfully infected over 30,000 Macs in a matter of weeks, even though such infections did require such user interactions."

Thankfully, macOS 11.3 contains a fix — a fact Wardle says he was able to verify by reverse-engineering the latest operating system. "And good news," writes Wardle on his blog, "once patched macOS users should regain full protection."

SEE ALSO: How to stop your cell provider from sharing (some of) your data

That's good news indeed.

So go ahead and download macOS 11.3, and rest easy knowing that at least this specific Mac security problem has been fixed. Don't, however, throw all caution to the wind — please still think twice before downloading random files from the internet.

Topics Apple Cybersecurity

0.1223s , 9999.8515625 kb

Copyright © 2025 Powered by 【trang web xxx】Mac users, download macOS 11.3 now to fix major security flaw,Public Opinion Flash  

Sitemap

Top 主站蜘蛛池模板: 久久精品国产亚洲av麻豆毛 | 自偷自拍亚洲欧美清纯唯美 | 无码系列精品专区 | 无码人妻一区二区三区九色 | 99久久免费国产精 | 2024亚洲天堂 | 女同学粉嫩无套第一次 | 日韩照片高级感 | 国产 欧美 亚洲 中文字幕 | 色播影院性播影院私人影院 | 国产精品人妻一区二区 | 亚洲欧洲专线 | 国产欧美欧洲一区二区日韩欧 | 国产女人乱人伦精品一区二区 | 大片免免费观看视频播放器在线观看 | 99久久亚洲综合精品成人网 | 99久久久国产精品免费 | 国产麻豆一精品AV一免费软件 | 国产91精品久线在线观看 | 久久久久久久波多野结衣高潮 | 国产精品成人亚洲一区二区 | 国产午夜乱理 | 日本美女家庭教师黄色网站 | 国产亚洲AV一二三区在线观看 | 秋霞成人午夜鲁丝一区二区三区 | 无码欧美黑人又大又 | 国产成人AV综合久久不卡 | 国产无遮挡一区二区三区 | 欧美激情肉欲高潮无码鲁大师 | 纯肉宠文高h一对一 | 韩国精品一卡2卡三卡4卡乱码 | a真人一级毛片日韩区 | 小明精品国产一区二区三区 | 亚洲国产成人精品无码区在线观 | 91麻豆国产福利精品91免费福利网 | 国产精品亚洲专区在线播放 | av粉嫩国产不卡无码一区二区 | 91大神国内精品免费观看 | 久久精品网站免费观看 | 亚洲高清综合 | 欧美日韩国产dvd在线观看 |