We discovered a double free vulnerability (assigned as CVE-2019-8635) in macOS. The vulnerability is caused by a memory corruption flaw in the AMD component. If successfully exploited, an attacker can implement privilege escalation and execute malicious code on the system with root privileges.
Read MoreA critical Mac vulnerability was discovered by OS X security researcher Pedro Vilaca last week. According to his research, any attacker can disable the BIOS lock just by taking advantage of a flaw in Apple’s S3 sleep state (more known as ‘standby mode’) suspend-resume implementation. Once an attacker does this, he can install bootkit malware onto a Mac BIOS without…
Read MoreThe newly discovered Wirelurker malware affecting both OS X and iOS devices has been covered extensively in the media. While this is a significant incident, some of the coverage appears to have been exaggerated, and might lead users to unnecessary panic. Several points would be useful in helping calm down the worst fears of users and distilling…
Read MoreOne of the Mac OS X platform’s security features is Gatekeeper, which was first introduced in 2012 and works with Lion, Mountain Lion, and Mavericks. If a program is downloaded from the Internet and launched, Gatekeeper will first validate its digital signature and choose whether to let it run based on the user’s settings. How…
Read MoreThis new backdoor reminds everyone that, indeed, the myth that Mac is safe is, well, a myth. Exploiting a vulnerability in a component of Apple Remote Desktop, this malware detected by Trend Micro as BKDR_HOVDY.A, runs hidden on an affected operating system and allows a remote malicious user to escalate privileges to root. Also this…
Read More