This bug would allow a threat actor to bypass the Gatekeeper security feature on Apple’s macOS. This is the mechanism that protects Mac machines by preventing untrusted apps from installing. However, the vulnerability found by Microsoft would allow an attacker to install a malicious app onto the system. Microsoft also developed a proof-of-concept (PoC) to show it could work if left unpatched. Called “Achilles”, the bug was disclosed to Apple through the Coordinated Vulnerability Disclosure.

Fix

In a blog post, Microsoft describes the bug and the dangers it could pose if exploited by the wrong people. Essentially, the company says that there is a security risk, Microsoft told Apple, and Apple then issued a fix. “After carefully reviewing the implications, we shared the vulnerability with Apple in July 2022 through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR). Fixes for the vulnerability, now identified as CVE-2022-42821, were quickly released by Apple to all their OS versions. End-users should apply the fix regardless of their Lockdown Mode status. We thank Apple for the collaboration in addressing this issue.” If you want to dive into the details and specifics, the blog post is perfect for security experts and researchers. Tip of the day: After years of hefting a laptop around, you inevitably build up a menagerie of Wi-Fi networks. For the most part, they’ll sit on your PC, hardly used, but at times a change in configuration can make it difficult to connect to a network your computer already remembers. At this point, it can be beneficial to make Windows forget a Wi-Fi network and delete its network profile.

Microsoft Finds Security Hole in MacOS Described as The  Achilles Heel  of the Platform - 7Microsoft Finds Security Hole in MacOS Described as The  Achilles Heel  of the Platform - 22Microsoft Finds Security Hole in MacOS Described as The  Achilles Heel  of the Platform - 46Microsoft Finds Security Hole in MacOS Described as The  Achilles Heel  of the Platform - 47Microsoft Finds Security Hole in MacOS Described as The  Achilles Heel  of the Platform - 35