A New Vulnerability in MacOS Appears
Apple is facing another Gatekeeper security vulnerability. Investigator Filippo Cavallarin explained that there was a macOS vulnerability that allowed attackers to install malware on the computer without the need for permission.
Since Gatekeeper considers network shares as ği safe, locations that do not require permission, all a malicious guest has to do is convince the user to open the malicious application he wants. A maliciously crafted ZIP file with a correct symbolic link, it will be easy for the user to automatically redirect the user to an internet site owned by the attacker and to convince the user to launch this malware that is hidden as a document.
In theory, the issue had to be solved by now. Cavallarin told Apple on February 22 that it had found a vulnerability and it should be resolved with macOS 10.14.5. Cavallarin said that this was not done and he stopped responding to Apple’s e-mails.
If you have been using a computer for a long time, when you need to open a ZIP file and the contents of a network share, you are unlikely to be exposed to the virus accidentally. However, this can have bad consequences for people who are not familiar with remote shares and the risk of unwanted viruses.