Microsoft issued a warning about macOS security errors, urging users to update the software immediately
The Microsoft security team recently issued a warning about a vulnerability that exists in a bug in Apple's Transparency, Consent and Control (TCC) technology. TCC is a technology that has been around since 2012.
It is designed to prevent applications from accessing users' personal information without their prior knowledge and consent.
This is a high-risk-rated vulnerability that allows an attacker to remotely install spyware on a target's device. Therefore, users are recommended to update the operating system on their devices to the latest software version, in order to minimize any potential risks.
This vulnerability, called 'powerdir' (tracking identifier CVE-2021-30970), was first discovered by the Microsoft Security Vulnerability Research (MSVR) security team, and has been fully notified to Apple. through the Coordinated Vulnerability Disclosure (CVD) mechanism between major technology companies.
Talking about this vulnerability, the representative (MSVR) said:
'We discovered that it is possible to programmatically change the target user's home directory and create a dummy TCC database. This database stores the consent history of application requests. If exploited on unpatched systems, this vulnerability could allow an attacker to orchestrate an attack based on a user's protected personal data.
For example, an attacker could hijack an app installed on the device — or install their own malicious app — and gain access to the microphone to record private conversations, or capture screen shot of sensitive information displayed on the user's screen'.
Apple released a patch for the vulnerability on December 13, 2021. However, not many people are really aware of this issue. That's why Microsoft is urging macOS users to apply the patches as soon as possible.
You should read it
- Apple expanded the size of the security bug detection program to receive bonuses, including macOS, a maximum bonus of $ 1 million
- Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updates
- Microsoft discovered a critical vulnerability on macOS
- Detecting a serious security vulnerability on macOS, this 18-year-old youth refused to disclose it because Apple did not pay the bonus
- Apple fixes many important bugs on MacOS X
- Mac computers stuck with a dangerous security vulnerability, Apple was announced in February but has not yet resolved
- Users need to update their iOS and Mac devices right away to avoid security vulnerabilities
- Microsoft fixes 28 Windows and Office security bugs
- Top 30 serious security holes are being exploited by hackers the most
- Apple patched a total of 43 security bugs for Mac OS X
- Dynamics of Google, Apple and Microsoft when the browser has a security error
- Apple announced a new, more diverse level of security bug detection bonus
Maybe you are interested
The new default Office font is now available on Microsoft 365, with many notable additions How to check if a URL is safe? How to edit sent messages in Telegram The 'fake fake' series of images has the potential to cause viewers to be extremely powerful Summit, the world's most powerful supercomputer used to find a way to treat Covid-19 What is the FOUND,000 folder and the file FILE0000.CHK on Windows?