Microsoft Finds Exploit That Leaves Mac Vulnerable

Charlie Fripp
Mac Featured

It’s a common myth that Apple’s macOS and iOS are impervious to malware and hackers. No matter the developer, any operating system is vulnerable when cybercriminals discover an exploit. While it is rare for Apple, Microsoft recently discovered an exploit that leaves Mac computers at the mercy of hackers.

Stay safe: learn how hackers demanded $10M with ransomware, then leaked personal info.

Patching the Holes

Any computer user will know that there is a potential treasure trove of information on the device’s hard drive. Anything from family photos and videos to banking details and social media credentials is stored on computers and web browsers. Therefore, if a hacker gains full access to your Mac, it could have serious consequences.

Microsoft recently discovered one of these vulnerabilities, called Migraine, that creates a tunnel for hackers into the depths of a Mac computer. The flaw enables a cybercriminal to bypass the macOS System Integrity Protection (SIP), the default method of locking down and protecting root access. 

Mac Malware
Image source: Unsplash

By sidestepping the built-in security checks, it opens the door for “attackers and malware authors to successfully install rootkits, create persistent malware, and expand the attack surface for additional techniques and exploits,” Microsoft explains. That is the technical explanation, but in layman’s terms, the exploit allows hackers to:

  • Create undeletable malware that is protected by the same SIP system it breached.
  • Expand the scope of the malware to attack the system’s kernel when antivirus software stops monitoring the kernel for malicious activity.
  • Completely bypass the Transparency, Consent, and Control (TCC) policies, letting arbitrary apps capture and distribute personal information.
  • Hide malicious processes or files from all monitoring tools.

Microsoft successfully replicated the exploit and notified Apple through the Coordinated Vulnerability Disclosure system, which officially designated it as CVE-2023-32369. If you have a computer running macOS, you must update your operating system to the latest version, as a fix for this exploit is included in the May 18, 2023 patch.

Tip: learn how to safely test any Windows antivirus against real malware.

Image credit: Unsplash

Charlie Fripp
Charlie Fripp

Charlie Fripp is a technology writer with a strong focus on consumer gadgets, video games, and cyber security. He holds an undergraduate degree in professional journalism and has worked as a journalist for over 15 years. In his spare time, he enjoys playing various musical instruments and gardening.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox