Date:08/10/18
Expert in application development Thomas Reed found a dangerous vulnerability in macOS. The threat to computers from Apple, he described on the Virus Bulletin blog.
Vulnerability is related to characteristics of check files in the macOS. The researcher found that the installed applications, as opposed to only what is uploaded by the user are not checked by the security system. After installation, the program is placed in a list of authentic and re-inspections are triggered very rarely. The attackers inject malicious code into an already functioning application.
According to Reed, the vulnerability is very easy to use. “It’s easy to grab the official app that is already installed in the system without causing any validation code signing. Worst of all, most developers don’t know about it and add their own checks,” he concludes.
According to the expert, so may be compromised by the large number of applications. However, the macOS system is functioning properly, so to correct this vulnerability can except the developers themselves, adding the possibility of frequent re-inspections.
Previously, experts have discovered a new virus that infects computers on macOS. Researcher Patrick Wardle on his blog gave him the nickname “the fool” (OSX.Dummy). The malware required the user to enter commands, and then loaded the external file and fixed it in the system.
In popular operating system found dangerous vulnerability
Expert in application development Thomas Reed found a dangerous vulnerability in macOS. The threat to computers from Apple, he described on the Virus Bulletin blog.Vulnerability is related to characteristics of check files in the macOS. The researcher found that the installed applications, as opposed to only what is uploaded by the user are not checked by the security system. After installation, the program is placed in a list of authentic and re-inspections are triggered very rarely. The attackers inject malicious code into an already functioning application.
According to Reed, the vulnerability is very easy to use. “It’s easy to grab the official app that is already installed in the system without causing any validation code signing. Worst of all, most developers don’t know about it and add their own checks,” he concludes.
According to the expert, so may be compromised by the large number of applications. However, the macOS system is functioning properly, so to correct this vulnerability can except the developers themselves, adding the possibility of frequent re-inspections.
Previously, experts have discovered a new virus that infects computers on macOS. Researcher Patrick Wardle on his blog gave him the nickname “the fool” (OSX.Dummy). The malware required the user to enter commands, and then loaded the external file and fixed it in the system.
Views: 392
©ictnews.az. All rights reserved.
Similar news
- Azerbaijani project to monitor disease via mobile phones
- Innovative educational system to be improved under presidential decree
- NTRC prolongs license of two TV and radio organizations for 6 years
- Azerbaijan establishes e-registry for medicines
- Azerbaijani museum introduces e-guide
- Nar Mobile opens “Nar Dunyasi” sales and service center in Siyazan city
- International conference on custom electronic services held in Baku
- OIC secretary general to attend COMSTECH meeting in Baku
- Azerbaijan develops earthquake warning system
- New law to regulate transition to digital broadcasting in Azerbaijan
- Azerbaijani State Social Protection Fund introduces electronic digital signature
- Intellectual traffic management system in Baku to be commissioned in December
- Tax Ministry of Azerbaijan started receiving video-addresses
- World Bank recommends Azerbaijan to speed up e-service introduction in real estate
- Azerbaijan to shift to electronic registration of real estate
