Bypass Flaw in Newly Released macOS Mojave Update Lets Hackers Access Protected Files
Researcher Patrick Wardle, who has uncovered many security flaws in Apple's macOS operating system, today shared some details on a new vulnerability that he's found in the newly released macOS Mojave update.
As outlined by BleepingComputer, Wardle discovered that he was able to access Contacts data from the address book using an unprivileged app, as demonstrated in the video below.
According to Wardle, the vulnerability is a result of the way that Apple implemented new macOS privacy protections in the Mojave update.
"I found a trivial, albeit 100% reliable flaw in their implementation," he told us, adding that it allows a malicious or untrusted app to bypass the new security mechanism and access the sensitive details without authorization.
The bypass does not work with all of the new privacy protection features in macOS Mojave, and hardware-based components, such as the webcam, are not affected. Full details on the vulnerability are not available yet, as Wardle plans to share technical details in November.
In the macOS Mojave update, Apple made a change that requires explicit user consent for apps to access location data, camera, contacts, calendars, reminders, messages history, Safari data, mail databases, and other sensitive data, which should prevent the vulnerability that Wardle demonstrates.
Apple will undoubtedly address the security flaw discovered by Wardle in an upcoming update to macOS Mojave.
Popular Stories
Apple is planning to launch at least 15 new products in 2026, according to Bloomberg's Mark Gurman.
Gurman outlined what to expect from Apple in 2026 in the latest edition of his "Power On" newsletter. He said the company is heading "into one of its most pivotal years in recent memory," with the rollout of major new Apple Intelligence features, intense regulatory pressure on the App Store,...
Apple today released iOS 26.1, the first major update to the iOS 26 operating system that came out in September, iOS 26.1 comes over a month after iOS 26 launched. iOS 26.1 is compatible with the iPhone 11 series and later, as well as the second-generation iPhone SE.
The new software can be downloaded on eligible iPhones over-the-air by going to Settings > General >...
Following more than a month of beta testing, Apple released iOS 26.1 on Monday, November 3. The update includes a handful of new features and changes, including the ability to adjust the look of Liquid Glass and more.
Below, we outline iOS 26.1's key new features.
Liquid Glass Toggle
iOS 26.1 lets you choose your preferred look for Liquid Glass.
In the Settings app, under Display...
The smarter, more capable version of Siri that Apple is developing will be powered by Google Gemini, reports Bloomberg. Apple will pay Google approximately $1 billion per year for a 1.2 trillion parameter artificial intelligence model that was developed by Google.
For context, parameters are a measure of how a model understands and responds to queries. More parameters generally means more...
We're officially in the month of Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon.
Note: MacRumors is an affiliate partner with some of these vendors. When ...
In his "Power On" newsletter, Bloomberg's Mark Gurman today provided an update on the status of Apple Intelligence and the plans for it in 2026.
Apple is still planning to roll out its revamped version of Siri around March of next year. The release should be accompanied by the release of a new smart home display product with speaker-base and wall-mount options. A new Apple TV and HomePod...
A new Apple TV and HomePod mini could launch as soon as this month, Bloomberg's Mark Gurman today suggested.
In today's "Power On" newsletter, Gurman said that Apple retail stores are planning an overnight refresh on the evening of November 11, where changes will be made after closing, such as refreshing displays and placing new products for the following day.
The timing of the overnight...
