Even Microsoft Advises you to Patch Your Mac - macOS Critical vulnerability confirmed
Take action: Imagine malware being the most protected piece of software on your computer. When Microsoft starts panicking about a competitor's OS, it's time to finally (and urgently) patch your macOS.
Microsoft has provided detailed information about a recently patched vulnerability in Apple macOS that could be exploited by malicious actors with root access. This flaw, named "Migraine" and identified as CVE-2023-32369, allowed threat actors to bypass security measures and carry out unauthorized actions on affected devices.
The vulnerability specifically targeted a key security feature called System Integrity Protection (SIP), also known as "rootless." SIP limits the actions that the root user can perform on protected files and folders. By exploiting Migraine, an attacker could circumvent SIP and create malware that is protected by SIP itself, making it undeletable by normal means.
Imagine the malware being the most protected part of your computer.
The implications of this vulnerability were even more severe, as it could be leveraged to achieve arbitrary kernel code execution and gain access to sensitive data by replacing databases responsible for managing Transparency, Consent, and Control (TCC) policies.
The bypass was made possible by utilizing a built-in macOS tool called Migration Assistant, which activated the migration process through an AppleScript designed to launch a malicious payload.
An attacker who already had code execution capabilities as the root user could trigger systemmigrationd to execute perl, which could then run a malicious shell script during the migration process.
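The process chain described above (systemmigrationd starting perl, which then runs a shell script) can be hunted for in endpoint process telemetry. The following is an added example, not code from Microsoft or Apple; the JSON event format, field names and sample events are constructed assumptions to be mapped onto whatever your EDR exports.

```python
import json
import os

# Interpreters the article names (perl, a shell script) plus common macOS shells.
INTERPRETERS = {"perl", "sh", "bash", "zsh"}
TRIGGER = "systemmigrationd"

# Constructed process-start events (not real telemetry); field names are assumptions
# and the systemmigrationd path is a placeholder.
SAMPLE_EVENTS = """\
{"pid": 1, "ppid": 0, "exe": "/sbin/launchd"}
{"pid": 410, "ppid": 1, "exe": "/EXAMPLE/systemmigrationd"}
{"pid": 411, "ppid": 410, "exe": "/usr/bin/perl"}
{"pid": 412, "ppid": 411, "exe": "/bin/sh"}
{"pid": 500, "ppid": 1, "exe": "/usr/bin/perl"}
{"pid": 501, "ppid": 500, "exe": "/bin/zsh"}
"""

def parse_events(text):
    """Parse JSON-lines process events, skipping blank or malformed lines."""
    events = []
    for line in text.splitlines():
        try:
            ev = json.loads(line)
            events.append((int(ev["pid"]), int(ev["ppid"]), str(ev["exe"])))
        except (ValueError, KeyError, TypeError):
            continue
    return events

def find_migration_interpreters(events):
    """Return (pid, exe, ancestry) for interpreters running under systemmigrationd."""
    procs = {pid: (ppid, exe) for pid, ppid, exe in events}
    hits = []
    for pid, (ppid, exe) in procs.items():
        if os.path.basename(exe) not in INTERPRETERS:
            continue
        chain, seen, cur = [], {pid}, ppid
        # Walk up the parents; 'seen' guards against PID reuse creating a cycle.
        while cur in procs and cur not in seen:
            seen.add(cur)
            parent_ppid, parent_exe = procs[cur]
            chain.append(os.path.basename(parent_exe))
            cur = parent_ppid
        if TRIGGER in chain:
            hits.append((pid, exe, chain))
    return hits

if __name__ == "__main__":
    for pid, exe, chain in find_migration_interpreters(parse_events(SAMPLE_EVENTS)):
        print(f"ALERT pid={pid} exe={exe} ancestors={' <- '.join(chain)}")
```

Because the check walks the full ancestry, the shell started by perl is flagged as well as perl itself, while the same interpreters started outside a migration are not.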