Bypass Flaw in Newly Released macOS Mojave Update Lets Hackers Access Protected Files

by

Researcher Patrick Wardle, who has uncovered many security flaws in Apple's macOS operating system, today shared some details on a new vulnerability that he's found in the newly released macOS Mojave update.

As outlined by BleepingComputer, Wardle discovered that he was able to access Contacts data from the address book using an unprivileged app, as demonstrated in the video below.


According to Wardle, the vulnerability is a result of the way that Apple implemented new macOS privacy protections in the Mojave update.

"I found a trivial, albeit 100% reliable flaw in their implementation," he told us, adding that it allows a malicious or untrusted app to bypass the new security mechanism and access the sensitive details without authorization.

The bypass does not work with all of the new privacy protection features in macOS Mojave, and hardware-based components, such as the webcam, are not affected. Full details on the vulnerability are not available yet, as Wardle plans to share technical details in November.

In the macOS Mojave update, Apple made a change that requires explicit user consent for apps to access location data, camera, contacts, calendars, reminders, messages history, Safari data, mail databases, and other sensitive data, which should prevent the vulnerability that Wardle demonstrates.

macosmojaveprivacy
Apple will undoubtedly address the security flaw discovered by Wardle in an upcoming update to macOS Mojave.

Related Forum: macOS Mojave

Popular Stories

apple oct 2024 mac tease

Apple Expected to Announce These Two to Three Products 'This Week'

Sunday October 12, 2025 7:05 am PDT by
Apple plans to announce new products "this week," according to Bloomberg's Mark Gurman. Apple's "Mac Your Calendars" teaser last October In his Power On newsletter today, Gurman said the products set to be updated this week include the iPad Pro, Vision Pro, and "likely" the base 14-inch MacBook Pro, with all three likely to receive a spec bump with Apple's next-generation M5 chip. Gurman...
Read Full Article180 comments
iOS 26 Feature

Apple Preparing iOS 26.0.2 Update for iPhones

Saturday October 11, 2025 6:59 pm PDT by
Apple's software engineers are internally testing iOS 26.0.2, according to MacRumors logs, which have been a reliable indicator of upcoming iOS versions. iOS 26.0.2 will likely be a minor update that addresses bugs and/or security vulnerabilities, but we do not know any specific details yet. The update will likely be released within the next few weeks. Last month, Apple released iOS...
Read Full Article79 comments
Apple TV Plus Feature 2 Magenta and Blue

Apple TV+ Being Rebranded as Apple TV

Monday October 13, 2025 8:25 am PDT by
Buried in its announcement about "F1: The Movie" making its streaming debut on December 12, Apple has also announced that Apple TV+ is being rebranded as simply Apple TV. A single line near the end of the press release states "Apple TV+ is now simply Apple TV, with a vibrant new identity," though Apple's website has yet to be updated with any changes, so we're unsure on the details of the...
Read Full Article274 comments
iPhone 17 Pro Colors

iPhone 18 Pro Already Rumored to Have These 6 New Features

Saturday October 11, 2025 10:10 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are still nearly a year away, a handful of new features and changes have already been rumored for the devices. Below, we have recapped some of the early iPhone 18 Pro rumors so far. Smaller Dynamic Island The standard iPhone 18, iPhone 18 Pro, and iPhone 18 Pro Max will be equipped with a slightly smaller Dynamic Island, but the devices will...
Read Full Article84 comments
All AirPods 2025

Apple Reportedly Working on New AirPods Pro, AirPods 5, and H3 Chip

Sunday October 12, 2025 9:24 am PDT by
After releasing AirPods Pro 3 last month, Apple is already working on the next AirPods Pro, according to Bloomberg's Mark Gurman. It is unclear if the new AirPods Pro would be branded as AirPods Pro 4, or if they would be considered an updated version of AirPods Pro 3. Gurman did not take a position, opting to describe them as a "new version" of the "high-end in-ear buds." AirPods Pro 2...
Read Full Article67 comments
joz macbook tease

Apple Teases Upcoming M5 MacBook Pro Launch: 'Something Powerful is Coming'

Tuesday October 14, 2025 11:59 am PDT by
Apple marketing chief Greg Joswiak today teased the launch of an upcoming product, saying "something powerful is coming" on social media. Subscribe to the MacRumors YouTube channel for more videos. A short animation accompanying Joswiak's teaser reveals a brief glimpse of a MacBook Pro along with the words "coming soon." The shape of the MacBook Pro is a V, which is the Roman numeral...
Read Full Article195 comments
Meta Ray Ban Glasses

Apple's Smart Glasses With In-Lens Display May Feature Two Modes

Sunday October 12, 2025 9:43 am PDT by
Apple's second-generation smart glasses with an in-lens display may have two modes, depending on which device they are connected to. Meta Ray-Bans without an in-lens display In his Power On newsletter today, Bloomberg's Mark Gurman said he was told a future version of Apple's smart glasses may be able to run a full version of the visionOS operating system when they are paired with a Mac, and...
Read Full Article126 comments
10

Apple to Launch New Products Starting Next Week, Claims Dubious Leak [Updated]

Friday October 10, 2025 5:57 am PDT by
Update: the Naver account appears to be referencing a speculative post on X by Vadim Yuryev, dated October 6. The original article follows. Apple will announce new products through a series of press releases beginning as soon as next week, according to a dubious claim posted on the Korean blog Naver. The Naver blog account yeux1122, which aggregates rather than originates Apple...
Read Full Article6 comments
macbook pro blue

Apple's M5 MacBook Pro Imminent: What to Expect

Tuesday October 14, 2025 4:35 pm PDT by
Apple is going to launch a new version of the MacBook Pro as soon as tomorrow, so we thought we'd go over what to expect from Apple's upcoming Mac. M5 Chip The MacBook Pro will be one of the first new devices to use the next-generation M5 chip, which will replace the M4 chip. The M5 is built on TSMC's more advanced 3-nanometer process, and it will bring speed and efficiency improvements. ...
Read Full Article50 comments

Top Rated Comments

SecuritySteve Avatar
SecuritySteve
92 months ago
As a security researcher professional, this is entirely inappropriate. He should have contacted Apple during the beta release cycle and gotten it fixed. If Apple needs more time to fix it, and is aware of the issue, then you keep the vulnerability under wraps so that other hackers do not exploit your vulnerability while it has no fix.

The only reason to publish a vulnerability with no fix is if the vendor WILL NOT FIX the vulnerability. I doubt that is the case here. This Wardle is seeking attention, and should be looked down upon.

See the guys listed here? These are the true professionals, they did it right.

https://support.apple.com/en-us/HT209139
Score: 52 Votes (Like | Disagree)
fokmik Avatar
fokmik
92 months ago
why come forward today and not earlier that Apple can fix this before Mojave release ? i wonder...
Score: 31 Votes (Like | Disagree)
dannyyankou Avatar
dannyyankou
92 months ago
Why dont they do proper testing?
Yeah they should have a beta program or something with a feedback app, then this would’ve been discovered months ago :rolleyes:
Score: 24 Votes (Like | Disagree)
rafark Avatar
rafark
92 months ago
Why dont they do proper testing? A bit embarrassing for a trillion dollar company.
Score: 21 Votes (Like | Disagree)
dannyyankou Avatar
dannyyankou
92 months ago
It requires the Mac to be unlocked in the first place, so this isn’t the worst security flaw in the world.
Score: 11 Votes (Like | Disagree)
MacDawg Avatar
MacDawg
92 months ago
Oh goodie, now we can have all of the usual suspects flock here to take a **** on Apple
Score: 10 Votes (Like | Disagree)
Read All Comments