
It was reported earlier this week that one of the security holes patched in macOS Big Sur and Catalina (CVE-2021-30657) has been exploited by a piece of malware known as Shlayer to bypass the security mechanisms Apple designed to protect users against malicious files downloaded from the internet, specifically file quarantine, Gatekeeper and notarization.
File quarantine asks the user for confirmation when executing a file downloaded from the internet; Gatekeeper checks code-signing information to ensure that an application comes from a trusted developer and has not been tampered with; and notarization involves automatically scanning software for malicious content before it is allowed to run.