Bypass Flaw in Newly Released macOS Mojave Update Lets Hackers Access Protected Files
Researcher Patrick Wardle, who has uncovered many security flaws in Apple's macOS operating system, today shared some details on a new vulnerability that he's found in the newly released macOS Mojave update.
As outlined by BleepingComputer, Wardle discovered that he was able to access Contacts data from the address book using an unprivileged app, as demonstrated in the video below.
According to Wardle, the vulnerability is a result of the way that Apple implemented new macOS privacy protections in the Mojave update.
"I found a trivial, albeit 100% reliable flaw in their implementation," he told us, adding that it allows a malicious or untrusted app to bypass the new security mechanism and access the sensitive details without authorization.
The bypass does not work with all of the new privacy protection features in macOS Mojave, and hardware-based components, such as the webcam, are not affected. Full details on the vulnerability are not available yet, as Wardle plans to share technical details in November.
In the macOS Mojave update, Apple made a change that requires explicit user consent for apps to access location data, camera, contacts, calendars, reminders, messages history, Safari data, mail databases, and other sensitive data, which should prevent the vulnerability that Wardle demonstrates.
Apple will undoubtedly address the security flaw discovered by Wardle in an upcoming update to macOS Mojave.
Popular Stories
The first iOS 18.4 beta for iPhones should be just around the corner, and the update is expected to include many new features and changes.
Bloomberg's Mark Gurman expects the iOS 18.4 beta to be released by next week.
Below, we outline what to expect from iOS 18.4 so far.
Apple Intelligence for Siri
Siri is expected to get several enhancements powered by Apple Intelligence on iOS...
Apple is set to "significantly change" the iPhone's design language later this year, according to a Weibo leaker.
In a new post, the user known "Digital Chat Station" said that the iPhone's design is "starting to change significantly" this year. The "iPhone 17 Air" reportedly features a "horizontal, bar-shaped" design on the rear, likely referring to an elongated camera bump. On the other...
Apple has yet to announce any new devices this year, but that could change starting next week.
Apple CEO Tim Cook today said to "get ready" for a "launch" on Wednesday, February 19.
"Get ready to meet the newest member of the family," said Cook, in a social media post. The post includes an #AppleLaunch hashtag, along with a short video featuring an animated Apple logo inside of a circle....
Apple is "exploring" the idea of showing search ads in the Apple Maps app, according to Bloomberg's Mark Gurman.
Back in 2022, Gurman said software engineering was "already underway" to display ads in the Apple Maps app, but Apple did not move forward with the idea at the time. Today, he said Apple is "giving this notion more thought" again.
This time around, he said Apple has yet to...
Apple appears to have enough upcoming product announcements to justify a full event this month, yet all signs indicate these reveals will be handled through a series of press releases instead.
There are a multitude of rumors from reliable sources about specific announcements in the coming weeks, so here's everything that Apple could have feasibly included in a hypothetical February event:
...
Apple's next-generation iPhone 17 Pro will feature three rear cameras arranged in a familiar triangular layout, but the cameras will be housed in an all-new rectangular camera bar with rounded corners, according to YouTube channel Front Page Tech.
iPhone 17 Pro camera design render created by Asher for Front Page Tech
In a video uploaded today, Front Page Tech host Jon Prosser said the camera ...
A few days ago, we reported that Apple's refurbished Mac mini pricing had a problem, and it appears that Apple has taken note.
Apple was offering a refurbished Mac mini with the M2 chip, 16GB of RAM, and 256GB of storage for $559, which was $50 more than a refurbished Mac mini with the M4 chip, 16GB of RAM, and 256GB of storage. All other key specifications were equal.
That's no longer...
On this week's episode of The MacRumors Show, we discuss the imminent Apple product "launch" that is widely expected to be the fourth-generation iPhone SE.
Subscribe to The MacRumors Show YouTube channel for more videos
In a social media post on Thursday, Apple CEO Tim Cook teased an upcoming "launch" of some kind scheduled for Wednesday, February 19. "Get ready to meet the newest member of...
