Technology

MacOS Vulnerability Allows Hackers to Cut Security and Remove All Passwords

MacOS Vulnerability Allows Hackers to Cut Security and Remove All Passwords. The solution will arrive with the Mojave macOS

MacOS Vulnerability – A new zero-day vulnerability that allows users to compromise the entire macOS operating system has been formalized by Patrick Wardle, a former NSA hacker.

Zero-day defects and other safety problems are present in all operating systems, and they are found from time to time, usually by researchers. Patches are removed, and bugs are patched, at least until new ones are found.

The same thing happened when Patrick Wardle, Chief Research Officer of Digita Security and a former NSA hacker, discovered, accidentally, a vulnerability in Accessibility features on macOS that would allow it to fully compromise with the operating system.

MacOS Vulnerability, Pass-through the access and password prompt

The problem comes with the Accessibility feature that allows users to interact with the interface through virtual clicks, resulting in synthetic events, which are basically interactions with UI. Although this theory is designed to help people with disabilities, it also allows people to click on security requests and load kernel extensions.

This also allows the attacker to pass through the keychain access prompt, and consequently extract the password. This is an older problem and is documented in CVE-2017-7150. Needless to say, throwing away all the passwords from the keychain is a bad thing.

Patrick described the attack, but he did not disclose the specifications. “Armed with a bug, it’s trivial to program bypassing the ‘User-Approved Kext’ security feature that Apple praises, removing all passwords from the keychain, bypassing third-party security tools, and more! And because Apple patches aren’t complete (shocking surprise) we will drop the 0 days which (still) allow the unprioritized code to post-synthetic events and pass various security mechanisms in the macOS box that is fully patched! ”

It is important to mention that this attack was carried out on MacOS patch completely, which was even more strange. Technically, developers are far from synthetic clicks and they know it is a security risk that needs to be addressed.

Finally, there is good news and bad news. Apple patches the problem on the latest Mojave MacOS, which is still in Beta. The bad news is that they use a “hammer” approach, and Apple removes all synthetic events as a whole. It is possible that some legitimate functions and features will be blocked or disabled.

 

 

 

MacOS Vulnerability Allows Hackers to Cut Security and Remove All Passwords MacOS Vulnerability Allows Hackers to Cut Security and Remove All Passwords Reviewed by Admin on 10:19 Rating: 5

No comments:

Powered by Blogger.