macOS malware has been on the rise for over a decade, and Apple is still figuring out a way to protect it. Despite consecutive attempts to secure the system by adding layers of protection that make it a lot more difficult for malicious software, the company has failed to prevent cyberattacks from hackers. A vulnerability in the operating system running on for months hadn’t been mitigated; was publicly disclosed and patched today.
Usually, Apple’s stringent policies frequently do not allow the scope of evasion as its Gatekeeper’s mechanism requires developers to register with Apple and pay a substantial amount to further enroll into the software. The company’s software notarization process mandates that all the applications installed with the mechanism go through an automated vetting rigorous regime. The flaws that made Apple secure were retracted and the fragilities got found by Owens. The surprising fact is that the mechanism did not get breached as he found lays in macOS itself.
He imminently conveyed the information to Apple given the magnitude of the threat posed by the real-world attackers. The cyberattacks sought to use this technique to bypass the Gatekeeper mechanism. Owens reported the bug to Apple and also transpired his findings with longtime macOS security researcher Patrick Wardle, who conducted a deeper analysis into why macOS had dropped the ball.