macOS Big Sur 11.4 blocks a major vulnerability

Vulnerability

From here we always recommend updating your device to the latest version of the software that Apple offers you. Although at first glance you do not see any interesting news to the update, there are always the typical "bug fixes and fullfilment of security requirements»That we do not give importance, but that sometimes are crucial.

Maybe you haven't yet updated your Mac to last version (11.4) of macOS that was released this Monday. You may not care because you neither have an Apple Card, nor are you going to subscribe to any podcast. But if I tell you that it solves a major vulnerability problem, you may be in a bit more of a hurry to update your Mac.

This Monday Apple released updates for all its devices, including macOS Big Sur 11.4 for Macs. Apart from the news already announced, it blocks a "zero-day vulnerability" that could allow cyber attackers to exploit applications such as Zoom, take secret screenshots and repeatedly record screenshots. Almost nothing.

JAMF, a mobile device management company, has explained that macOS had a security problem that allowed it to bypass privacy preferences, giving an attacker full disk access, screen recording, and other permissions without a user's consent.

The exploit was discovered by Jamf when analyzing malware XCSSET. The XCSSET malware has been around since 2020, but Jamf noticed a recent spike in activity and discovered a new variant.

Once installed on a victim's system, the malware It is specifically used to take screenshots of the user's desktop without the need for additional permissions. Jamf said it could also be used to bypass other permissions, as long as the application infected with the malware had that permission enabled.

Confirmed by Apple

Jamf has a full rundown of how the exploit works, and the company says Apple has blocked the vulnerability with macOS Big Sur 11.4. Apple it confirmed a TechCrunch, so Mac users should update their software as soon as possible. Better to waste a little while watching your Mac update, than having to regret it later.


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.