Apple

Update MacOS now to fix zero-day vulnerability

MacOS users are advised to update their operating system to the latest version this week after security researchers discover a vulnerability already being exploited by crooks.

When we hear the phrases “zero-day vulnerabilities” and “emergency security patches”, we usually think of Windows, or software that runs in the Windows stratosphere.

And we know that Apple users no doubt spend most of their time pointing and sniggering at the phrases. Well, maybe.

The tables have turned somewhat this week as Apple has released a security fix with the latest version of MacOS that fixes a zero-day vulnerability that could allow malware to bypass many of Apple’s built-in defences.

MacOS treats software downloaded from untrusted sources with plenty of suspicion. That’s generally a good thing, since of course the software could potentially be malicious. As such, software is always checked by a suite of Apple anti-malware programs, including their GateKeeper program.


Sponsored Content. Continued below...




However crooks have managed to find an exploit that could allow their malware creations to avoid many of these security checks and install on MacOS without any of the obligatory “are you sure you want to do that?” warnings.

For Apple, that’s a rather serious and unusual security vulnerability, and what’s worse, crooks are already exploiting it in the wild. Security researchers have already discovered the Shlayer malware installer using this technique.

The vulnerability has already been promptly fixed by Apple who released their latest update to the Big Sur MacOS this week containing the fix. So we recommend updating your MacOS software as soon as you can if you haven’t already.

Share
Published by
Craig Haley