Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Discovered a new zero-day vulnerability on macOS that allows attackers to run commands remotely
This is essentially a high-severity zero-day vulnerability that could allow an attacker to execute arbitrary commands on a target Mac, regardless of the version of macOS in use.
This vulnerability was first found by a team of independent security researchers led by cybersecurity expert Park Minchan. The problem stems from the way macOS handles inetloc files, which inadvertently causes the system to automatically run any commands embedded inside by the attacker without being able to issue any warnings or prompts. for users.
On macOS, Internet location files with the .inetloc extension are system-wide storage of bookmark data, and can be used to open online resources (news://, ftp://) , afp://) or local files (file://).
"A vulnerability in macOS Finder allows files with the inetloc extension to execute arbitrary commands. These files could be embedded inside malicious email messages that, if clicked by the user, would immediately execute the commands specified. embedded inside without giving any prompts or warnings to the user'.
For its part, Apple seems to be aware of the problem and is quietly fixing it without specifying a CVE identifier. The Park Minchan team and colleagues also discovered that Apple's patch only partially addresses the vulnerability, as it can still be exploited by changing the protocol used to execute embed commands from the file. :// to File://.
"We have informed Apple that FiLe:// (value change only) does not appear to be blocked, but have not received any response from them so far. As far as we know, currently Currently, this vulnerability has not really been patched."
The team has not provided any specific information on how attackers can abuse this vulnerability. However, in theory, it is entirely possible to be used by threat actors to create malicious email attachments that can launch an accompanying or remote payload when accessed by the victim.
Initial field tests have confirmed that this vulnerability can be used to run arbitrary commands on macOS Big Sur, using specially crafted files downloaded from the Internet without any any prompts or warnings.
A .inetloc file with PoC code also went undetected by any anti-malware engine on VirusTotal. That means macOS users targeted by threat actors using this attack method will not be protected by security software.
Hopefully Apple will soon implement more thorough measures to fix the problem in the near future
Marvin FryYou should read it
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
- VMware patches RCE Spring4Shell vulnerability on a wide range of products
- ProFTPD remote code execution vulnerability affects more than 1 million servers worldwide
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterprises
- Update your Macbook now to avoid this major security bug
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement cases
- Adobe Flash Player has a serious zero-day vulnerability
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
May be interested
- Yandex suffered the largest DDoS attack in history
a constantly growing ddos botnet has targeted russian search engine yandex for over a month. - Kaspersky expert warns about an Android virus that can automatically steal moneyin a recent interview, security expert viktor chebyshev shared about a virus on android devices with the ability to automatically steal money from victims.
- Vulnerability in Microsoft Outlook makes users believe in phishing emailsa new vulnerability has just been discovered by a security researcher on the microsoft outlook platform.
- New series of Bluetooth vulnerabilities discovered that could put millions of Windows and Android devices worldwide in troublehackers can easily take advantage of existing vulnerabilities in the bluetooth protocol to deploy many different violating activities.
- Beware of the 'Windows 11 Alpha' cyberattack campaigntaking advantage of the interest of users, cybercriminals are deploying windows 11-themed phishing campaigns.
- This unremarkable looking Lightning cable can steal your data and send it to hackersapple has switched to using the usb-c connection standard on the latest generation of ipad pro, and this should probably be applied to new iphone models soon as well. this not only provides convenience, but also helps limit security risks.
Attack the network
PrintNightMare vulnerability patch is flawed, attackers can still 'break through'- Microsoft discovered a critical vulnerability on macOS
- Mac computers stuck with a dangerous security vulnerability, Apple was announced in February but has not yet resolved
- Update your Macbook now to avoid this major security bug
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
PrintNightMare vulnerability patch is flawed, attackers can still 'break through'
Microsoft discovered a critical vulnerability on macOS
Mac computers stuck with a dangerous security vulnerability, Apple was announced in February but has not yet resolved
Update your Macbook now to avoid this major security bug
New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse