Latest in Apple

Image credit:

Mac exploit dodges Apple's anti-malware app check

Jon Fingas, @jonfingas
September 30, 2015
Share
Tweet
Share

Sponsored Links

If you've used a Mac running OS X Mountain Lion or later, you're well-acquainted with Gatekeeper: it's the security measure that prevents unsigned apps from running unless you want them to. Unfortunately, it turns out that this first line of defense isn't quite as secure as it's supposed to be. Synack security researcher Patrick Wardle has discovered a flaw that lets malware get around Gatekeeper and do what it wants with your system. The trick 'hijacks' a signed app to pretend that it's legit, and uses clever file packaging to launch hostile code once OS X declares the host app safe. Wardle only used one app in a proof of concept demonstration, but other apps should work. You could even use malicious plugins (say, Photoshop add-ons) to bypass Gatekeeper.

Needless to say, this is a potentially nasty flaw. If attackers can convince you to download and install an authentic-looking app, they'll have a field day. The good news? Wardle took care to notify Apple before disclosing the exploit, and the company says that it's already working on a patch. It's not clear when this will arrive, so you'll want to stay on your toes until then -- grab apps only from those sources you can trust.

[Image credit: Getty Images/OJO Images RF]

In this article: apple, exploit, gatekeeper, mac, osx, security, software
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Google's COVID-19 reports show where people are obeying stay-at-home orders

Google's COVID-19 reports show where people are obeying stay-at-home orders

View
Skype rolls out 'Meet Now' calls that don't need a a sign-up or installation

Skype rolls out 'Meet Now' calls that don't need a a sign-up or installation

View
Ten years in, a look at the iPad killers that weren't

Ten years in, a look at the iPad killers that weren't

View
Waymo’s fifth-generation Driver can peek around blind spots

Waymo’s fifth-generation Driver can peek around blind spots

View
'Artemis Fowl' will debut on Disney+

'Artemis Fowl' will debut on Disney+

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr