Patrick Wardle, director of research at security firm Synack, has detailed a very simple workaround to Apple’s Gatekeeper software, which has been used to protect OS X from malicious installers since OS X Lion v10.7.5. The workaround starts from an already-signed executable file and, using file name changes and .DMG files, forces that legitimate application to load a malicious application, which can then do anything it wants, completely bypassing Gatekeeper.
Gatekeeper is one of the frontline security features in Apple’s desktop OS, and a working exploit of that system would put Mac users at great peril, as most do not run commercial anti-virus software. The security team detailed its findings to Apple 60 days ago and is thus free to present them. In the interest of protecting users, the team will leave out some critical details until Apple has a chance to deliver a patch for the problem. Both Wardle and Apple have issued statements that Apple is working on a fix.
This is just one more security flaw to affect Apple’s oldest platform, and more evidence that as Apple products continue to gain in popularity, their users will need to become more security-conscious in general, although many are under the mistaken impression that they are safer from malware than Windows or Android users.
Source: Ars Technica