A Breach Through the MacOS Gatekeeper

There’s a MacOS malware vulnerability that hasn’t been patched, according to one of the security researchers. This utilizes the way that the MacOS treats network shares as friendly and could be tricked into running the malware; this is, however, just a theory.

Filippo Cavallarin, a security researcher had found this vulnerability in the MacOS security system, Gatekeeper. Even though the system vulnerability would require one to access a file containing the malicious software, and trusting the files within. The process is still something that abuses Gatekeeper security system of the MacOS.

Cavallarin had stated that he had told Apple about the issue approximately 90 days ago. And with the latest update to the MacOS of 10.14.5, it still remains vulnerable to the issue. As per his 90-day policy, Cavallarin had publicized the issue so that all may see it. Apple has still not responded regarding this statement.

It would be a good idea for one to be wary of any incoming files unless it truly is from a trusted source.