Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Mac Mojave Zero-Day Allows Malicious Apps to Access Sensitive Info
#1
Quote:A zero-day vulnerability in the brand-new version of the Apple Mojave macOS has been uncovered, which would allow an attacker to access private and confidential information by using an unprivileged app.

The flaw was uncovered by Patrick Wardle, co-founder of Digita Security and creator of Objective-See Mac security tools. On Monday, Wardle announced on Twitter that: “Mojave’s ‘dark mode’ is gorgeous…but its promises about improved privacy protections? kinda #FakeNews.”

Mac Mojave 10.14, released on Monday, contains security fixes for several issues, and introduces new user data protections. These require explicit consent by users for apps to access sensitive areas like location services, contacts, calendars, reminders, photos and so on. It’s a measure meant to thwart malicious actors looking to use synthetic clicks to simulate human finger touches and gain access to private information. Now, authorization prompts pop up that require direct, real user interaction before an app can tap sensitive information. However, users can whitelist (i.e., preauthorize) trusted apps.

Source: https://threatpost.com/mac-mojave-zero-d...fo/137674/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54
GFYI [Official] EaseUS Data Recovery Wi...
I utilize EaseUS Par...zevish — 08:10

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>