Flaw in macOS briefly allowed attackers to install what they wanted

Security researchers at Microsoft have disclosed a now-patched macOS vulnerability that allowed attackers to bypass a Mac's System Integrity Protection.

Credit: Andrew O'Hara, AppleInsider
The vulnerability, dubbed "Shrootless," leverages the fact that Apple-notarized app install packages can still perform activities normally barred by SiP. According to a blog post Microsoft's 365 Defender Research Team, this is because the kernel can still alter protected locations on macOS.

Read more...