Quote:Apple accidentally approved one of the most popular Mac malware threats – OSX.Shlayer – as part of its security notarization process.
 
The Apple notary service is an automated system on recent macOS versions that scans software (ranging from macOS apps, kernel extensions, disk images and installer packages) for malicious content and checks for code-signing issues. Then, when a macOS user installs the software, Apple’s Gatekeeper security feature notifies them about whether any malicious code was detected before they open it.
 
Security researchers Peter Dantini and Patrick Wardle recently discovered that Apple inadvertently notarized malicious payloads that were utilized in a recent adware campaign.
 
“Unfortunately a system that promises trust, yet fails to deliver, may ultimately put users at more risk,” said Wardle in a Sunday analysis. “How so? If Mac users buy into Apple’s claims, they are likely to fully trust any and all notarized software. This is extremely problematic as known malicious software (such as OSX.Shlayer) is already (trivially?) gaining such notarization.”