Zero-Day MacOS Mojave Privacy Bypass Bug Exposes Protected Files

  • 227
  •  
  •  
  •  
  •  
  •  
  •  
    227
    Shares

A security researcher discovered a zero-day vulnerability in the MacOS Mojave that allows hackers to access secured system files. This Mojave privacy bypass bug coincided with the date of release of Mac’s latest version. Thus, the bug seemingly affects all Mojave users for now.

Mojave Privacy Bypass Bug Makes Protected Files Vulnerable

Security researcher Patrick Wardle once again came up with a thrilling discovery. He found a zero-day Mojave privacy bypass bug. The zero-day vulnerability found in the latest MacOS allows hackers to access secured files on the system. He shared his discovery in a tweet.

Allegedly, he discovered a flaw that allows an attacker to access the protected files within a system. The researcher could even access contacts using an “unprivileged app” without admin permissions.

Wardle has shared the exploit where he used the app to copy data from the address book in the video shared below.

Apple Yet To Patch The Flaw

Mojave has supposedly restricted user data protections by forcing apps to ask for explicit permissions from users. This includes permissions to access contacts, calendar, location, photos, and other information. This prevents apps from auto-simulating user input. Nonetheless, the recent privacy bypass bug certainly demands a quick patch to avoid any compromise to Mojave’s security feature.

Wardle confirmed in his tweet that he has reported the vulnerability to Apple that affects the latest MacOS Mojave. He further explained that the bug not only affects dark mode, but rather all modes. Wardle has planned to further shed light on this issue in the upcoming Mac Security Conference in November.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!