Microsoft researchers describe macOS security holes through which attackers could gain access to user data


Microsoft has detailed a vulnerability in macOS that could allow an attacker to bypass its built-in technology controls and gain access to users’ protected data. The problem known as “powerdir” affects the system called Transparency, Consent, and Control (TCC), which has been available since 2012 to help users configure the privacy settings of their apps. It could allow attackers to hijack an existing app installed on a Mac computer or install their own app and access hardware including a microphone and camera to obtain user data.

As described in a blog post, the macOS vulnerability could be exploited by bypassing TCC to target sensitive user data. Specifically, Apple fixed the bug in the macOS Monterey 12.1 update that was released last month. It was also fixed by the macOS Big Sur 11.6.2 version for older hardware. However, devices using an older version of macOS are still vulnerable.

Apple uses TCC to help users configure privacy settings like access to the camera, microphone and device location, as well as services like calendar and iCloud account. The technology is for access via the. accessible safety Section in System settings.

In addition to TCC, Apple uses a feature aimed at protecting systems from unauthorized code execution and has enforced a policy that restricts access to TCC to only apps with full disk access. However, an attacker can change a target user’s home directory and create a fake TCC database to get the consent history of app requests, said Microsoft security researcher Jonathan Bar Or in the blog post.

“If this vulnerability is exploited on unpatched systems, it could allow a malicious actor to orchestrate an attack based on the user’s protected personal information,” said the researcher.

Microsoft researchers also developed a proof of concept to show how the vulnerability could be exploited by changing the privacy settings of a particular app.

Apple recognized the efforts of the Microsoft team in its security document. The vulnerability is being tracked as CVE-2021-30970.

Affiliate links can be generated automatically – see our ethics statement for details.

Check out the latest from the Consumer Electronics Show on Gadgets 360 in our CES 2022 hub.


Please enter your comment!
Please enter your name here