New vulnerabilities in Apple’s macOS and iOS allow attackers to siphon a targeted user’s call history, calendar, address book and photos. The bugs signal bad news to Apple, according to researchers, who say they represent a new class of bugs within Apple’s security posture.
The bugs, reported by researchers at Trellix Tuesday, offer a “huge range” of adversarial tactics.
The vulnerabilities “represent a significant breach of the security model of macOS and iOS, which relies on individual applications having fine-grained access to the subset of resources they need and querying higher privileged services to get anything else,” wrote Austin Emmitt, senior vulnerability researcher
with Trellix, in the report.
In short, the “large new class of bugs” allow an attacker to “bypass code signing” protections that validate applications running on an iOS or macOS device are safe. Once bypassed, the un-signed code would not signal any red flag security warnings and execute — leading to escalation of privileges and sandbox escape conditions on both macOS and iOS devices.
“Since the first version of iOS on the original iPhone, Apple has enforced careful restrictions on the software that can run on their mobile devices. Only applications that were cryptographically signed by a developer certificate trusted by Apple could be executed,” Emmitt wrote.
These restrictions prevented malicious software from running on devices. What Trellix discovered were holes in Apple’s security approach that allows an attacker to run a malicious program, despite the code-signing requirements that identify the code’s origin, legitimacy and
Read more