A critical flaw in the System Integrity Protection (SIP) component on Apple’s macOS operating system poses a significant risk to all users’ data and cameras. The vulnerability, tracked as CVE-2024-44243, allows third-party kernel extensions to load, bypassing SIP protections.
According to Microsoft Threat Intelligence researchers, this flaw could be exploited by threat actors to access sensitive data, replace databases that manage TCC policies, and gain unauthorized access to camera and microphone features. This could result in the installation of malware or rootkits, disabling security tools, and creating opportunities for additional attacks.
The vulnerability is related to a logic issue that allows malicious apps to modify protected system parts. In December 2022, Apple released a patch for this vulnerability; subsequent updates since macOS Sequoia 15.2 have contained fixes.
Microsoft identified the vulnerability in the Storage Kit daemon, a critical process responsible for managing disk state operations. The bypass is possible by leveraging Migration Assistant and custom file systems such as Tuxera, Paragon, EaseUS, and iBoysoft.
This issue affects not only Mac users but also those using third-party applications like Outlook, Teams, PowerPoint, OneNote, Excel, and Word, which were found to be vulnerable to exploits that could grant unauthorized access to sensitive information.
To protect yourself, it is essential to update your macOS as soon as possible. Installing updates regularly can help prevent security breaches. Additionally, consider investing in the best Mac antivirus software for extra protection.
Source: https://www.tomsguide.com/computing/online-security/critical-macos-flaw-puts-your-data-and-cameras-at-risk-update-right-now