Update Your Mac to Avoid the “powerdir” Attack | #macos | #macsecurity | #education | #technology | #infosec



There’s a vulnerability making the roundS for macOS called “powerdir” that could lead to unauthorized access, which is precisely what most computer users would like to avoid. Apple fixed the vulnerability in macOS 11.6 and 12.1, but you need to update your devices to keep yourself safe.

Interestingly, the vulnerability, which is called CVE-2021-30970, was detailed by the Microsoft 365 Defender Research Team in an intense blog post. Microsoft alerted Apple through the Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR) on July 15, 2021. Apple then fixed it on December 13, 2021.

“Microsoft security researchers continue to monitor the threat landscape to discover new vulnerabilities and attacker techniques that could affect macOS and other non-Windows devices,” said Microsoft.

According to Apple’s patch page, “A malicious application may be able to bypass Privacy preferences.” To fix it, “A logic issue was addressed with improved state management.”

The attack is designed to bypass the operating system’s Transparency, Consent, and Control (TCC) technology, giving the attacker unauthorized access to a user’s protected data. This is far from the first TCC vulnerability reported. In fact, the very same patch that fixed the one Microsoft discovered also addressed a few others.

Based on the technical details Microsoft shared, specifically the mention that “it is possible to programmatically change a target user’s home directory and plant a fake TCC database, which stores the consent history of app requests,” this attack must be performed locally. This means you’d have to run specific software on your Mac for them to gain access, or they’d need to actually be sitting in front of your computer.

According to Microsoft, “Using this exploit, an attacker could change settings on any application.” Microsoft also said that its exploit “allows the modification of settings to grant, for example, any app like Teams, to access the camera, among other services.”

If you’ve already updated your Mac to the latest versions, you don’t need to worry about this particular vulnerability (that doesn’t mean new attacks won’t pop up). If you’re reluctant to update your Mac for one reason or another, let this major vulnerability serve as a reminder to keep your precious computer updated, as it’s essential for your safety.


Source link