Update your Macs! Malware attacks can exploit critical flaws in Apple’s built-in defences

Apple has released a brand new update for its macOS Big Sur operating system, and you really should install it.

Amongst other fixes, Big Sur 11.3 patches a zero-day vulnerability that could allow an attacker to craft malicious payloads that will not be checked by Gatekeeper, the security check built into Apple’s operating system that is supposed to block the execution of software from untrusted sources.

Researcher Cedric Owens says that all recent versions of macOS prior to Big Sur 11.3 are vulnerable to an attack that could easily be launched against unsuspecting users:

“[The] bug that I uncovered in macOS Catalina 10.15 (specifically tested on 10.15.7) and in macOS Big Sur before Big Sur 11.3 allows an attacker to very easily craft a macOS payload that is not checked by Gatekeeper. This payload can be used in phishing and all the victim has to do is double click to open the .dmg and double-click the fake app inside of the .dmg — no pop ups or warnings from macOS are generated.”

Security researchers at Jamf report that the zero-day exploit has been used in in-the-wild attacks by a version of the Shlayer adware dropper as far back as January 9 2021.

Separately, a different vulnerability in macOS Gatekeeper has been discovered that could also allow malicious apps to bypass security checks – when wrapped in a ZIP file.

The vulnerability, dubbed CVE-2021-1810, was found by the boffins at F-Secure in December 2020, and could be exploited by any software stored within a specially-crafted ZIP file.

Apple patched the flaw found by F-Secure’s experts in updates issued this week: macOS Big Sur 11.3 and Security Update 2021-002 for macOS Catalina.

The vulnerability discovered by Cedric Owens was also patched at the same time.

Although no evidence has been seen of malicious attacks exploiting the CVE-2021-1810 flaw, it obviously makes good sense to protect against both vulnerabilities by updating the operating system on your Macs and MacBooks at the earliest opportunity.

F-Secure says that it is not releasing full details of the vulnerability it uncovered at the moment, as it waits for more users to update their vulnerable devices.

In addition, the firm notes that applications downloaded from Apple’s App Store are not affected by this issue.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.
