Update now: critical macOS security flaw patched in Big Sur 11.3
Freshly discovered and quickly fixed
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The latest update toApple’s macOSoperating systemhas arrived today –Big Sur 11.3– and security experts are urging all users to install the update as it contains a critical fix.
The update patches a loophole discovered by security researcherCedric Owens, which “allows an attacker to very easily craft a macOS payload that is not checked by Gatekeeper,” according to Owens.
“This payload can be used in phishing and all the victim has to do is double click to open the .dmg and double-click the fake app inside of the .dmg – no pop ups or warnings from macOS are generated.”
Another security researcher,Patrick Wardle, has found that the loophole is already being exploited bymalwareinstallers, with his blog post going into extensive detail on the mechanisms of the exploit.
Unlocked gate
Normally, when a suspicious file has the potential of doing harm to the user’s system (typically, an executable file or program in disguise), macOS will utilize its Gatekeeper function to warn users of the type of file they’re actually installing, despite how it may otherwise be presented.
The loophole discovered by Owens allows hackers to trivially bypass Gatekeeper, as well as a number of other core security measures, so the user wouldn’t receive any warnings between double-clicking the downloaded file and it running on their system.
In order to abuse this vulnerability, an attacker would need to craft an application bundle using a script as the main executable and not create an Info.plist file. This application would then need to be placed into a dmg file for distribution. When the dmg is mounted and double clicked, the combination of a script-based application with no Info.plist file executes without any quarantine, signature or notarization verification.
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
As of Big Sur 11.3, malicious files that fit the above description will now present an error message saying that the file “cannot be opened because the developer cannot be identified.”
Apart from this critical fix, the latest macOS update adds a variety of support features for Apple’s latestAirTagtracking products, as well as improved iPhone and iPad app integration on the M1 Mac products.
For most users, the macOS should automatically update to the latest version, or a message prompt should allow you to do so. If that’s not the case, navigate to System Preferences to find the software update and manually install it from there.
Your Mac’s menu bar will finally get a weather widget in macOS Sequoia 15.2 – plus these Apple Intelligence features
Planning to buy Apple’s new USB-C Magic accessories? Make sure you’re running macOS Sequoia 15.1 first
Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’
